Logfile of random's system information tool 1.10 (written by random/random) Run by Friso at 2015-12-23 17:38:18 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 126 GB (44%) free of 290 GB Total RAM: 3764 MB (80% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:39:21, on 23-12-2015 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Unable to get Internet Explorer version! Boot mode: Safe mode with network support Running processes: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\Friso.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup O4 - HKLM\..\Run: [CommonToolkitTray] C:\Program Files (x86)\Fighters\Tray\FightersTray.exe O4 - HKLM\..\Run: [SWPROguard] C:\Program Files (x86)\Fighters\SPYWAREfighter\swprotray.exe O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - http://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.140.0.cab O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.66.2.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: acengine - Unknown owner - C:\Program Files (x86)\FastSearch\acengine.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AV Engine Scanning Service - Preventon Technologies Limited - C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe O23 - Service: AV Watch Service - Preventon Technologies Limited - C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVWatchService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Search Protect Service (CltMngSvc) - Unknown owner - C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe (file missing) O23 - Service: Wire Professional Version (comyninu) - Unknown owner - C:\Program.exe (file missing) O23 - Service: Dropbox-update-service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe O23 - Service: Dropbox-update-service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - Unknown owner - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - Unknown owner - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe O23 - Service: Kerning Down (gopibeko) - Unknown owner - C:\Users\Friso\AppData\Local\F7AC1E80-1439568053-8148-2585-386077D154ED\snsmAA92.tmp (file missing) O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Key In Bold Italic (hyverumu) - Unknown owner - C:\Program.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\FighterSuiteService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Portal Double Quotes (xykumyfu) - Unknown owner - C:\Program.exe (file missing) -- End of file - 13113 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\Explorer.EXE ctfmon.exe C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683} C:\Windows\System32\svchost.exe -k secsvcs "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_DisplayHintTextPrePeriod2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --channel="1372.2.780373029\904578152" --font-cache-shared-handle=3044 /prefetch:673131151 "C:\Users\Friso\Desktop\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\AmiUpdXp.job - C:\Users\Friso\AppData\Local\4490\Updater.exe C:\Windows\tasks\BYAIAMUF.job - C:\Users\Friso\AppData\Roaming\BYAIAMUF.exe /infocmdline=YD33I5n2puPiRtJHXT5fHrGMXzP61EdG1bKWqxZpXtC6howT2BLW3KMJ76RnTKjicHcacOw9R5mkqGMpyarSxBOT4ZyBUGwyEfIPJqtacq+Ku3HBm8y6e3EL+cVuNAi3qslY6WbHWWnqC8INAf5sjvBKrIgPHALeuggm1oNZ1osmuQ4m20qphgpTw+K2oxRPBj6lDF6QApeIUpGyO3C3Xv14mUpQJY3eFaCKXDDpVhh2GVJamwyxWDgvuELdbohKBE3jA4asy40E1JH7JxaE1aVwu7jdCmGvO7S0iM7u5rUjwoKXvmPLCy/6ztnd/0rHMYMFgldUEJVrZPF9WIMSW6nDIAUemw2jScGMIFapC4OK5RUFHrggfChqixtrcIkZFpD+rq7hYPZC4HZOb0TGtYCY81Bk1XL/5LDSVzH7HqDBIcsBVGlP7StfFcxMET5ow+qC7OuldWgXJzhiRDLiLcQUtFrQr+MbtKEn96GypnKYhMGt13pWRp1o5QfjHRRgsZkLutK+wRg09MBTdV6esMVJAnVrHQ18v7KwLAnjHLQ6qygpZwcc4FRKmt288xLM80NNLghoNjL7A5LleUPNwEK91s0rHvKmd83SdnKb64/+DklNpVBvfiP1S7ufH9ZR3T06y0c1dfgiSyZsKto8dEXbr5D/fQu+D2xz3adWKyg= C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.exe /rawdata=fcts7jEuhxO3BzcN1yYvLGbf9pb+lqaxlqj/c3R9UlP2WIRCa4dzhQoEo47HuF5eMm38ALbxOsNmjAERVWbrXO5VYK7E0VvRf4EvFUosPCR8gGoSoEfZiKJABNC+lj78CueuPH2FHtsUbP+GWfLetlksZMIAOizW0O8pWRtK2hZ+eHqFYTYBXkyhHSdgGwh16YoG81jLExuWQsQJDJTj9kYLa8CefArXOFFUBb2dDKvmBDwJufBzqHbDNJYmPZqA4qoW1BBv0ow+LX6eHKHHQ91j3n00g2rxt3aoWz0AX418WGNTLELW3q8++BHaeUlVjTNay+iC743iL1anpqWsMR0plCLNB5A862Ipo5Kcom1a1Jsw6QcSnIC2enWTcG5+/OIDewFml3GYDtZRrStNKOuRunMZxNx9FMovWu1JeSZ3TZ0Y3KubJZ4FWR1bgURAG7UPLv+ZO2C14ZPDt1qusdufI5Q5kJ+sC1Acsc/X5A4jdv9ZAhjbAlJSLSobfgh9P9YzKXAS54vhpksY4cSHHbSEAYsWTs28zFj+pZ+S6KqOpQ/4sEvnnQVJwd/dWW7HeH80DW76xOHYUeAfydA3cQ8i885nKsMfT7A6YAWPCop2BbV4jTMJJG+ToEbgE4OFmi36qVGPGOGhgsAe6k/MWSmd5OfvPcKjSLVTYuFvdUKqI5gn4Cjt+1D/c0vtdpgm2XGCZO00tYuit4YpPq4NSlnn03uXBwYoa+cUuzxnmRVlHk425fU2GUsN8ITy+EjUI/fN8aSv5XjUBesRmkrtZ+4fDgDIbdMeggSdiMPBrmaVImQNHoE6N/26Blb3Yu7vrXIbYBDtvODekIdya1S3DCTZjhQSuAbrtVBxaGDRliWlI3nxjbqFDv1Y/lpSmE2EQZJL52qG/ySe2TTPhIVWX61jawDYWYQSRpCfbAzGZMUKkT5LKDiBEgwrm5I363f3IjsjacKwSP/lTwYJEA7BzO46PSXddEiNUrB5UP9w6PSDkNuZkbGPAOCqNQIS39gAbCF8+MNmKjvlkmuNEdpb0sNy7I69Ub/gNwKFigKPI0G+MvnNv/gQZaXL40zTVtGi9S5zaxD1IVd8hQ9dZSnGDwz9kvSBJ9t6D1Rnb6g8x8Scgeg/y438xVCjc826kCD2MB+6yiGgc1AOZ1/xwVzUb3CFPd0QmpSiQjUB08XTyl0YglXYCaH8M78MNE1I8zuyD0OscBsXZna8g4NDLRRV1GYrGfL9W1kXsz9J1bn+TVaYwu9jQ17TQMHi6J2FnnpDPGTYElM7Fhc8IVW5Ggh+5ZbQa7pSmW+s6JyDdexpzpU2c84er6nyqbVx8+mRoYJegsWag1nfmAPMnPybeVebCA== C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7.exe /rawdata=CEAP0FKcZES5MBZH6ayRn1vQWB4gWZUthFulVAAa71n1rgAOF9s17vdwD9/J1Kr7CzwCEIE32dEdZPwVGaAtzlHR+3tgTaw4CmrZYqK9K6Ztxqf2LJS9n/+OGyieX7c9NABZBra3sj9mOVLe8jZ858P9BFNAAt1DlSTD8TU3r1NeC+IXVJ7Po4A+JoNZpFwT7ix0Hu1k3s9txxXnoWF8LR8kd/0ZHlVwC4j5nOYta+O1MeZfJJJlAA66dBXF9isOrpxO9M/IhPrXNzBQzRmi3kFPMx6Tgk+M5JZMGqnne/tG5lit/Z0wieScw8myBvnv8otFCJpwrDkOIpPOkjUFb58ehvMwC42lhL69+yza8dXEpiZNwb1ZHn49pW3pv5Ft6sQmuZWfJWgxDvFRKe5jB9SsaYnaaD09fo7ug26x8mVEjtOvRucTRHnB1M2BheNQfOGrPBFXRm49wAhMRXLp9U/XuKlNIBWsmeJiXf+d+f73rjtR5ydVzHz1cIeR+2/lGa4PUZxuweISQ8KodN87kXmbq2S5b+iHPTaYXi7Dl+db1krd9yitx6yLPYaj1aL4EqBSBXSLL136Xxk7PAXbnd1Ezqze+uKUJX4Wp5ZMJ5HBPKgSSu0zgVZpwlVKrNp5uhs7emmSvMGmHmNFyLAtnd1YJZjXZyCWKE0OYP2FKGqYQCcleBPx3e2eWwByysQ+FxRTXSymzIZyRr7wHVzK4jL41WNduXc0Opyv2rbt8JgxuJuANg8zpFag7Fu0cQJ4IKvfTa1pxK+EKIOPkb5peYU82gXkav94On429BzKUdVRHiMZqUgQYS7MDP8wYKJ2ijlo0vHT3ZRrv4aG7I4SEmNgDV8vY58ihrIBbsqROuHOT6fB+DXaQ2WS1237IpSvkHY5oDXO3bSPfcx00EEr2lmOxIn2CeGPJcerLN1GpoUXJ8/p5rPFSEQzZ6RhTQtWYEGp439bk/71Q4ebChGXeKLWpzbpxPf8Nq4WB2y5xMnfcRT0qiwDZ+H35DnC4NEJQ7LgtYZX5lzKGaNQfNTJuaNLhxZ1YENBFGaoxkIjZjxWea+zv9IXCqZwSdC54DgiakmEae5P7uNmYCWhldMNlXHkITwA01b2Kufdi7P9r4zATawFpKVXJ3//VKTSs94sEI68bmZva0hcI+h2nHjVAaB0bUtTOOKi3fCmL4MGZU+pE8OrgHTlFZpatbvgCIvRjPXnarUQVi+bkgRWs9xTYJvJTyysR6rfyIVyjri75a0S2my5XOY/1NmjG5YjwLV8xZgrDT6p7U0NdraLazE2Tt5+nIju0NHu3I2kC+DVNSbiNRKoi8VCm1fbQkEuptK9wIBv7sNDlUSG3hWfGCoGb64adMeusI5SYVB1uzpJnLXHCN7kUCDXdw+gjD/vLDzOaJDK6haz7a6Bu4G2nJrD/xJKFhs0f28Di/AVuDP6rJzvD8Wn0brFQdGcUO4ojn4ONIs/rJNmOsG8i7dv9zHcEOPYZqUgZsNUpclo345TlsLVb052i0sYa5yGx1w0v2fA C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10.exe /rawdata=EoCZdodwFHXBzBo3aHmhgGYwtCDK8BE+YZWSavHzXIUdHoCnLOjec82sCKUIcsuB9AKYtz55QYQaR35sJTEpfcEwl6pXdt6gl9inteNUny/i5qJffLPbldnWf1ZGYZWXRZomYHx/I6XoYKb4jCcYXSkf6YOFKfPAJzlxNbA16hyEzTo5xcUPA9mWE7bBGLf8qQGZGcQmdS1fX6P44QBGN0SqBBdQ5x63Aa3nCVJj8AD1NQ/SM6ggWiNz9Q11JOGAQNMNlFnJDqM2vB2JUxVM83CJsuvXmPwo9jzNwvbhaPUz4SXixyN4xzrxAEloDoUlhAFtBJICG3gug05Cx3sYEgm0DtWZV4MbQgoeLjw+BUwMayYmDNG91xoulaLoNBD8Pw33DIMbOINSM6ycSjytDgmOcBwLreCoyJp1fVLKSFZPfOcXL8JuQRaTiP977q2b44APNjtBC7JS0bHZPg3rg+GO6R1bVvIpgWwtjOCxe6v45Mrk/ARhACl3zcaMwNnpqtaHSyopyptjy5PwOjNwNQLj2BxLVI+wIFVgqR4NdC3ibitq+Rw1sYRfvy7AGxgaEgvoO0uUtTHubXVMI0tzhDHZDwEhWRtqB55Q0e8G/+r4erJ61jVs7d04D3ko6S1zDxazyArKz8UIySli3RBr68V1BnFctAexZLcACzHmBbN3kkGmAdlIdnvD2+xgM2ynda4EVXA0fMtByuWL93EQ2ymt2X2VMiumzNDNqOCvxWuhqbhXHAcB5f1kExaodoTuMjzuNG7WEsi0unnYQ3MWpzRSiPq6fx5kdubtCi5BS4GgqtvGlG+SrFl7RslVyd6D6EOAkMUuBTCmw06/p8k03A== C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-11.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-11.exe /rawdata=wKTVrdiSOU40ajZoYDm6EY0gaJKNB9/oRz+DLkgcBFc3ZSgvhLb4XC0Szh4alV63eUj6ferognDxBhFRGgvpc4LfuEYIi8c73zXE+lhac7ENwQiCOSUkg2oi5oQOhynTwcZsRCfdQtcBKASlIwLynS6leaggkDpsRgCsAfPtLoKbMthyDjonRFcbtemun5nrbPUUP/oby+1RCEA3SCdepjfp9SMgjwKR6f4EpJbtQgWLDTNs1elSysldy8GVh01J0JxcL7n7pRLGqm1klDHuheSSo4FEJzWIrX+I/QDnx5ShPaPBQem59BYBCSjGP2rxBnxFBBbqgPKvOC2/3/wmhpW22ZMtBOpr2OaUomQ0BlQvID87bTMqGLYVwnl+4avj71qo+Qo67K40GfRd58Ntu0CkiZ7umaV8gssGQp76xDVrVhUWgY2q/qoSfzy0NEVsGgM9fISuQ5tAjEywYnKE6Xt1Gbotw9hvIOf6ORT5gTYHVwAm27zfDlUPODzr0ijAuseoe339mVcRJ4Dm/bJCjy+SUosv1tINGDyQxVcWiuqwjZdzqYoh2ith/wTSw9CjSH/8wJm0PCf1H2/hdRoawVj7DDEpqFn454rsjqXrwDxOpitxqbaBf9lcwCL5X4NJJVjQaTZ35ZWleKbFYxM+DxrUKrr+Feo7m0byoCgyLwQnt2VEUO1Fy7eJnTh9Kbl1F17sbl3E2YrWRIBZr5wibYIur+nYQqcbgkDWhDQVPR5e+t+Ydk82M1/+bMAOWfE8SaRcV3fNhnAAuQ6sgHMhD96GaqkzaX6obF1tNj4k/KjY+Rja6roMWIUcF6SrP4Tqi+EvrJe6M0Y7fNt7Z9hXs7SSMdxlV9Z4pb2+X7KNLel7HPcj+4vPPjluUp8d/BM3wz42/WNoLjhYcF6LYtKm4xyIwzLmYakIq315LKkxYOGHfeofuBalmILRyFHRUDlavxI+XNbDhZIW19JmjfoCiPKlhVj/KelQ1vC/TRpZ14pQiO96KtAmU0mbaPyFV8IYx7lkIWipUeOsv4WNDXLMDwYOtdlsoFlkMC7+8Uhdv+tfZ7m9Hxbq16XiT33R6t/DcweSCVfkMOXZHkrUsszqWJT50k5iNPCAJkEHOQTpHsJGPfCOXJ15o2KRKOR/dSB2w8MKHaSQY0ZSSySq/3sGC5AH9my8LK59xywWlWeEPnpN2bfP1iE74isHk9Lp4JUG0xzyMdVFKXh3yQnKVjdlfYGWa34jaOigJH/vzZT+zmkjInf+WESpvGfypUn90OXHnIi5ZKsJq/lIFST9ExznC2mMSv/QAzF/ffhNhXhMbyG85Mgw0Yfl67Umf7bL5gsGWsgro87sBie1xaHJox2DNVTemtouCpYUrHMk77/J17v3UvUuU/OYOZe4bKuDaB4c0rZc5RtqTXd75abgi+RPBO3XNMNVBxELw0q3Q7sAmTwOLSTN81i+yAXbR2mcRq3/CI2jEPFDQ+bYwWXUEGIa+5PbCW2Srr1etsOnIJOQI77MULrYUnvRRJdmk4MAEfnJi8UOx+Orm3t5YI3vpVQaC3d1SSYBwV7YSzpnbXCHYjok9CHY+21K80lWZrdZJHuJH0JCyV4DDlwINC3NR6WnFzxIBKjpXxVd/c2SpUJeggTW7Sw9sl9f0R5VNp3dOegr4MPjmg2zuAco+5s4FDCtwa7Uz1nf3mmwPCHPb03Ar22AJTNl059T57Wxy8gT12XzjDhIonLeR5lggRm/JzGY8tgrRrqyi5BMS6NPPjGMuOW9+SQdgP+U4vw4MXC9t1aGOLwfdX2NBvws/ualZ2Lg/NTaaKhAvtXWaP6So/6TdW1oa84uvmsAgr5eDTQf3V5bBHBkwxa/trLrybJ3MqOyNzcdNCx5Zew6gtYJ6GswFEki3o16T/yTX9UfBIQeE71g5xW0YjZfOZnMOCehO96A1y7/ECNvH4IVzRDsjY+dOsV4rVSatB8px3zDgusXTuYCNsLojWK5h6z56XT5qYWR1WrmI2VfUGrqu/uxGVFdhSBLS2VOf7tyZ5FYWftYycbHkbQzn9cUI23/LIPZRtSM7iVUaII+KDp+O8H4840AUNhNTP6sCuNFnZ9nWJJAkA3a22f7l8qMRrE4citEIrq4SW6ct1XWokhbIQ4Z0K/e5OWWQCk0aCXWFTg9EOEZFKpaYX87n657zwssrBM/TXv7gxvPFClPYk2As3C8napE6bJNeMzL9RIcKdEkv+zUYhg7cFfvsGjQDhpSbbWVt9J0qzvfVNXHnZIAYEuREGyx7b6VWOYJ6lOr2Ze+i099dUDaTxOPrY1KZTDciEFOI9kueYEoRLIkhZ5Zez6pMZvrGSaU5+yTEOTeiXFbqjXDAK103SGhJtY+b/T4sVO0LJFZqA== C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3.exe /rawdata=eMbYeuVSliNax57Luq95IskpqGmrlxHRFxl+ZOsvTzjPG0PjNElf961jaIPe0s5qMasYkPrII2lXyyCQP70e46rA20M4HAgQlOYu7fE3S68u7XeT8lsqQYVxc7p+Jjbz+IpHB1G8yZ+hej8zj56ENmAbR53XyXuZWM7Jx+/1MA3DzzF6AmfdEB1I3DOYnEKZRGA/AdZqZmNwp4MczlFCAGCY58ukeNfHWEO01nBRucJ7lf66AuhWtVQbuKX417n1Ap3b6g632tkve3xQTuq5qSrjd02Jw408v99XjGHkA/0NWrOhaWCnZxMFp3H29m+gt3qUVxZX2cF+9e99LQlpbqqMv1HxnHY0LcXrclfOLeHuCwcWNb9rzIH9F2ZtFHtRS7mQVOJJ6+LtSl76JHCrfVsJBlbs56PZx7pqE+uCty8ggMYbBD/T8PWHlt4TZ2rPmm73yN92q+XWgq7pjjBYFIaj2iIjUjjGh1R1iLnGIsbY27FYGuZcHGle9yTHNCkUnn1k6H5JntNX+Ee0DgDM0FxtsJ5FqCqXYHOWL8MiFgW38Q9RSDpAf5v+PKyYHUXOjTFCUktgomvRDW0p9bYw/SxO4nOFJRLv5IMyE/p1d3gJ5MN0NvCaiU9BloRcFzFYJZgRuPnHmRWkvf9F22e5FPbFPdzd/TnCB+ixcMRGPBAzpMgopUNnKF896KeC5CEC/PhLhsar3nyyDsV+Vr39U893RHDlY5ND/NGqMDHq4D91pBRVwHA3+uVMK9v7/rYm7x3GaIy7sWxBTRhjmKZ+RRsQcojk0G7/l65m00Y3ZqaMvAyhU2s5rRvE5U9bVfdioErKF4tb+0/BZzu/kXe30kaQHayNI+Peq8/mnKzC1Smukp9CpoJTDzeav77pd0dTM9G/WdxLuC2DkPOmxDHV1MRYdMwNPTUJxE8Y8vNvkx57mXBDgo3MkZaolLDbrYZGy08yJ9FYlqwnBoRwAk1Cy+tmrxAayisl0PJuLmcjrw2igshYCCZhlacjrt4LojOcdM41qahYWkNXPqyOO3jmGBd/+9rdr5Go8KD+chFDluk1iny9cR4FfbRivh2+Zb1HY+2gP34LLk7vj7iVxfh93bpOgsqd0DB6UIgqzxEzkYct46K2tXA3R2XPxFq+H80rDndXx7prW/v6x1SruMrdM0/pvRpXsVP/nB/VgxxBpeUax3gsGf5ZSf5iOsmoAbXfMYdeAP4+ahLjJssSEqWyfJcP4dPybW9Qa4e6se2R2vzV4throBWhUamTePOiel549eAlxln2OIiSkBs3GC2Vah62xUSR7lwu7wNOVdu9bN1jXMgwsPcZY6Cge6zWb0NW/Sy8UcvkuNPmqWKptiNC10YZ1qgaaPfKHAaTxxCRqMgaL9M7IoMlIB8sw08AnBCkfBURERfXFTQmquC799ODvDSmviocBig7bIO2qPFCzHzWH+QCkrl2+6CoiLuofsGLmTZOldTWCyaTZN9JJm029BKPkbVTBae3waqyEeAM/eT6ojTYRwute9buB2XLgKp/C0wXexnpX8XttPYTusaOSjV6OuZRimVgWCufrDoLg+Tx0qdo5UWuxmoppGJpbGyuyeouDSBvz935CXj7IiviZOjGgraUHVHa17NVhQz0fFKQHn/wsxXwsSzoxKOnWudWB78fw2FCRM5punRHqS1c6x2dctmlL0dr/veO4khdPJZnbG2WxyIY2l3qkntnZbH83q5KMXNzC6IR3j0D+D9VtR2XxV2YKemiZVyeP1pqtjpxfNLSfnDirmkt9FGz9GmfvEG4vjNRBabxE7WpYW+KPmlFkvH74WYAfpulEaNMJgAzXQj0lqFLDxhkAFnIh1NkY5a2TWkYsMTa9qae8ZY3YUofEUDy4YSRrZ5wD4Ttd3zTjVCgrGGgzBJQ0HUW6MPhor+eea1Ki3rNhE0AEJYhxmOJf1gIPgyC6VPHMRzXJpmc40W5jLy3wgOeHWXGsl2oZf62Ohp9YU8b1S7z72uI2CA1sJ5N+krV5U40D8/7SOhhJNmA5Lmi/dJBGu4mq6eZ C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.exe /rawdata=gEKarPwKCvzzqVZ7hXIfl8zbSMD1Zur+HTvWxCky2J5Imm6QCsRTUZ8XbFd9SyA6wRkw7ovvkhC7GiruQQb69QnFqKLwi9AT3ZeONwOs1UOR6gIVDH6AgOW19EeI2/gnyFxtcgVm5obua1DuWmnqM/wlMZvpCfnPTwaWKqJZNKlHZv0l6qqU27tZAzvIdV9kdoDUAHS0Pnl8TMg1DdejD4a2fwdKs05xw7axdr23YV5DdNHdKaDtd7pVKcBGK+FhDxDX3wyD8kcIfOCxHSLz42swxClraBwrezWschgTN419mC30IhE/zubsZY1XsA73Xm3D/VLyMpycFJ7IhVCJQX5fRmXLANQEymH6Y0USmu9whzn9krNknreG24aRlGns87CHHSKCrdxBoEEz3cgej/PziR9lIey+TF5SZYS2YIZgSpGRW8QivqjRLu0MDiRrRyiOOcxjlZG3gqOBpTC+rWn/I0dgPEXj3osAJUZnpEHviz/2YDjkjZKqC4w0NcZWgOJHFnx+9WV/7LH8xn+pfwYlYWte85niMQrtpL7yhg1YI4yTP/LO3vcTjF8Jn9IOicIdVN8aeXwdnzkuD8LzUyrgnkd4yonqkJgRMt2hRKGtKhU++tMi22cMW7VlW5l9ZMlJX6+6QWXhtm7mFa3wkb2AU3EmpUk+jqo0PuHbw7o2jwpJBOvJjAJ7iCVe6dBx+hy2fnFItgt1G1D3HQxiTBSPMCh9o/UpZz7k5IzbTjUaHRrkZZqR2TQ0W/EX534ph5Dc+ifjM/DQCt2MQbcJ4lgP4XxACcd41QaSOgUBK7FtasgqjUpNvALBm03jZdMpVJ1YiYe7MZcVUgdtMpYHI4YOLhotLFamYaFgdYxyrJM5xfGm8ZjL9hZikpMmGXSaNrQk6ykeQsAeVlurnA0bLtMbo0jEl02q0q/YqGRxYWFN39Ydy/OO/Zn7i0gMfjdYnB3rn3hNrKUhXhmH48dTxnUaNsSGPSBxSovo3RJxwGLOs4nB9kWWcvu8Y8+T8UVl C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.exe /rawdata=gEKarPwKCvzzqVZ7hXIfl8zbSMD1Zur+HTvWxCky2J5Imm6QCsRTUZ8XbFd9SyA6wRkw7ovvkhC7GiruQQb69QnFqKLwi9AT3ZeONwOs1UOR6gIVDH6AgOW19EeI2/gnyFxtcgVm5obua1DuWmnqM/wlMZvpCfnPTwaWKqJZNKlHZv0l6qqU27tZAzvIdV9kdoDUAHS0Pnl8TMg1DdejD4a2fwdKs05xw7axdr23YV5DdNHdKaDtd7pVKcBGK+FhDxDX3wyD8kcIfOCxHSLz42swxClraBwrezWschgTN419mC30IhE/zubsZY1XsA73Xm3D/VLyMpycFJ7IhVCJQX5fRmXLANQEymH6Y0USmu9whzn9krNknreG24aRlGns87CHHSKCrdxBoEEz3cgej/PziR9lIey+TF5SZYS2YIZgSpGRW8QivqjRLu0MDiRrRyiOOcxjlZG3gqOBpTC+rWn/I0dgPEXj3osAJUZnpEHviz/2YDjkjZKqC4w0NcZWgOJHFnx+9WV/7LH8xn+pfwYlYWte85niMQrtpL7yhg1YI4yTP/LO3vcTjF8Jn9IOicIdVN8aeXwdnzkuD8LzUyrgnkd4yonqkJgRMt2hRKGtKhU++tMi22cMW7VlW5l9ZMlJX6+6QWXhtm7mFa3wkb2AU3EmpUk+jqo0PuHbw7o2jwpJBOvJjAJ7iCVe6dBx+hy2fnFItgt1G1D3HQxiTBSPMCh9o/UpZz7k5IzbTjUaHRrkZZqR2TQ0W/EX534ph5Dc+ifjM/DQCt2MQbcJ4lgP4XxACcd41QaSOgUBK7FtasgqjUpNvALBm03jZdMpVJ1YiYe7MZcVUgdtMpYHI2llXHlv0V2pCyMixRyjyv0TaosvEu1MD3gsnsuON3OhfDxEzKPoYq5Me9+EuABbaNODolEq0QOrmLObpb9jTe8aV7MnvagmCv2R9YDDbWfhrBXQDnJuuQl7KdcSpCPoSGQEbXq0rDWt00evchhDak/8NHI8ez8lof65fTDnc56s C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6.exe /rawdata=hxiZoj9Z7cyJLreAKYhJwEJcsbaImzxqI8rdm+pbyl9EBm8MpMJMd7yvMXIYMnqwjtEHsqaRn80UZwvN4mHv2WI9YSD6j0IPU9RoIEYo4TvmSONz4XzTFL/g/80YAWFrysttkxwPXQLloyn2rayhvEa9nGBurKmKRI3Pt/5dhBdtJ5Hs+XoMxnF2u+HpSbvPK6E0vAOZA8hX9CWCQbYZ8q1uXCMJROPvwZBo5Qgze+32IcIPFvZs+3p6xe3XeP9gmrLTghtcp+V62vFQ5XmNYuFgq1oVCkah9qDJiuCr4qKTmqUnO5AcxAgjaf8rAc/AxZ83IV3FW3zcZ6lo79YDXIz2Ynj2GsLSwTh0jf2YMkgBbAsfrK1xbfqeaWqLo2dbgEk0KjAaiugLJf7Doj0CrhAOXOWyKLMBh8ARsyuftUu8ibMWjYWJ0EcHmTYj+sRO/6dRy15D8PsyDNrTIVUoYd3pdFrCZfBskzOMtKvZ5TE3wlXkilBOROrmObkAEw7PtE2JmokCaEUYTKKkKYbxATIcKNJfu6swwnMtMBrkVyt9cx9jC4mG+y70iTdg/DjFKn/BtShgx4o+eixInGdUcHLW0SgdzJcmDvRO69pWPcNZs8R59aXnAxIcCaXLU8OVUDIXgs58NbcxzAkWKq85/yGCL1mhr2URd5IDppq3md61twGbZeYzei+nQrRWGyurh59YAhUtGz5zpWCh5SyjBP+wSdohZrkOXYUYY39bG35ANNlzfNLPG82DACAM8aje00hlOP3wtyDkDTUW/EFZswW9izQ9cVSI5m1MjPM0blhoIdC+FJL8WOQStQXqWBF7R/XI2z7wkg8vgmWno4hV/q8HAgu95eFnmdoEHf3FSwnsEG4XyWALqdAX5Qww7cgfmSpjX5OwL0myriNfrDuxj8q6wdspXJFx0tQBRX6hl6xfbHATS6PzoSQHjwPJuWEWmje/SZppnWBlKWHkSCYBnHt1oSgefyYXsZdKdx8g6XiyghqjP5GlxLz9PMZ5YQ0/hBVAmSwTpfB9OEEUzmemXK8PxzmMCFnT9eM+LASAcjC77Q76wzWPTBCk6IPYDRVhwVOG3+goYBA9asxUNEZXpJ+1ZPF+TuPi1jMZs/DX8CK/hy9I9xRv+4pEQWfNiTvHv0PVssQjNHOvsth5benFgZNtX1IhwxkjKUi2b7Vzpg8aRaHUN627aV3TLqNQ7NssMoiT5+E5687kgJzySYMtQc+YJ9YbQN71VyhJ1VTNZAV16JqABFpqwJsQsnSX9A1JW6kH7+7q9DfUpBS9iaExoDLiwKTTWSgI+TdGxXbkyjA/C+2j/4M9TvGPztpOWjxv4jhvIamJLVeNosSNk3p50lDbeV12s3H2jGeCMy1CFFau0QRngs0V8M6Jn/eIEKqkdBiDwOnApij/s7bHejYapYTUq3s6QtHNAseAD1FZ7PhsUBxx7LVR3MjdtF7uxJ9w5ZJ2i8Y/N38VzNWj8dTmNMB85301E05Tr/Fm06hMHR9HYfGq92RfhzFQ3+nbmlZjgcc8kYLZVws+fMFfaICfO7ig6qbD+ajrgXOV8HFIkn/U59lLQ35paeDH+SjJe4mp0X/rMMoDJcwTxHEBS1ah1NqsAUIZtXZ0YfIkcFqJmNwdY9CME+jhDF6tu7ng+zFw4xxPe1l8mEmcTeiyDZCPEqy94TTdA+Ur5qYDRYq8fee+QgaPQ4JOPwywfUuZARIN+FHO7C26Sv2Sz6/VikeskHzTIGazSOcDu6uY8p9dO9UFjuOecuJGrL1hGFF177hHcJjHx9660tlmb8gCWuKBw5rWSnAY8NJ6BruplEgM03kvmqEhV/4FN5ugdtsFu4uh7ys75KWNl9geEs9jtz5UdwRE6aV3Kfc0+j9kLRT7XuH7MZV7dKsuBJYZfGzUudMuQJPv+BXOKrb+ABNEzWU75ggUPJ8GN+WPiaYo70uaewRx1R9KNqRHS49tmbB9iI5lSQJ+6Pb9/367NOmkVUJEWShuRpb+Ow8Okk5p3lyBwurf57cVdoB+eQhPl8c0sB4kdwdE7kXCoFCFb/p/Zh0n8Iu2kmdOqKGwowcQWBRhWH8Zb92rR48Jrl+tFL5/A6+99ljDdtlaLdTa57c60CnNQay/j4TAT0/OuAPGz4FvKbID3u0Lpblgs/RuuQO4QpnLWMD6NFMXKx6Z7dGeSFlHTUMnFxmsXtmBe+bXkc/srPqKH2vQYEAkw01JxNSJOnrFwis1pfkKduhBHk5n03+NjnxfqpUx6ZzWDdImh5nRqy0zQAxH8ywrn36cvUWT9d64jxgYJCuCWcqhukptG7MzHymIiR9YH5qzOoZvNdblg1eFH4F2hmgDGu5JKCADV2OMPaDUwi8paCi1+O8qO55ckwSXWlP9/Ej7yOSX/nnsNhezLujvRQiAMrkPD9HDibWF5UZ+0fi+Ni2ooPHfjBBQ1+75sSD+v82Dd1th6giXeAE3PW+efHoULvVTcsGGJa/MurzzTAWVjOIZYM7OVXadQGVZbiYVmA7NNi7tjS6BUTkp81l8Ug3rFX/kOIR29jnM C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7.exe /rawdata=IIfw9xAxG8++dd/TmVRlxeihWoRcqXj0Tj4hkhvX0GkgfQUSEuPZr7/1kR3p7iJPKEf95EvjN3/f36H2OZUtlrTmdIVtMgNNjzJ3e0R26uKCOWZhz5cL2WI5cja/6S1QHM5c9Scgg19KceSvNjexH87uBkUmoPv3yLLawDJYUWWk6j7a9qD/zBM82V1sD4QsIklK+Fhu3NTzzeCT0Rtc9056V5AryvsMyKXebbaz8xuUIpCXxgtMAV+qHODeZeGPqOM8cp3C+eL6Ds4NcFLVVGRXhuqd+pgCPkUpOMGba7j4wE0XgOHsr1aiSESQs8uj21ULPd9q0Wsc9iU7pIRVVkdtU5VN4pro6LzdVLEcs8WUATi17G1j1QXxUxJrEuhLWPeoxppXHHVQDdfvnf6eH2geWPI4qUWddZVfk7ckMLVXtIGXkHmZ/qaCj5e9UBif5sRkOToh/B/BAA3UbKUhnYwEJbtnRFtecb+w8dGsKblPWbBb/ljpvIqxByRKb/41GDb6VFGLvmLH3ZLRxIk6iaUEr8P0zNol08N/YkgFtK80rSDDOVJRRUkNgfRIXdshMvNKzKhz8AV011+8ODBuew1CuJy1+Bna1Up4c2FEpDvSqcGWZ2TIbFAUWJZstqbz5EJh6LhXpzm8OpF11rSi3oGFKNDBFbucJegeTBblx29EjGefpHtTVM9g+s28WY3/V6WMtPzzDx2rCvMwP4UocnKanNRAn1AcNj1ETOSVCjvQAckxVqXAgY52GnBwoS5D7dKC/KTUOCkG6FlUYVlSj32QIlKKQ4u2t83g0Te1cOF7qrtKDzuuKgYDpl1fY3z7/KxIfItJ5b44nBECE+f/qrJAbDuShOIiwPRDW4GsTfxe6y0LH+8Dvf2PJLIFkF2QwJu/6ObOBAGj2pHCgpHJ+bvMMgzcHohGQzVK2J/nCV1dbXmZFp0NyC6TptowKyxFhrEurikJ5KSv7M16lhWNRsLDjygAQbazZ1E9a0iCLOWp3zDL71CFynZEvCBNX6y1sSx2bIahNI6iEFgWO8PEMcz4zvr5iD7Xn3jfJqReNrePkb5aAT352E502cchKPQT2KfshO4HNEf7fQPTsB8dfBN058PIK9z+Zq9LJkHOoK/9DLVsgpA0arHfQKbZnbe7tk5PIW+SjkaOeRsBtaBlyd99bCp/P5fjk2dQj9EmxS8k2BMBzb1PwKsOSVMNU4wAy3OJeEyEGmuqffLKpc8ZxQ0F/DMRWrExc7DOZiQvVc6yvIikTw75QJbC8i0o8CDikcC/bjt5UU6qO3f/vaA58BebzgZWEBp1ydsNkv8uZStclA65DFVugUaQotAHJPQz/XnQs/ubfi2A1xwBzsx4/CQIah+RgtrLLiPh6bsTuWBVKKEQXhzJzRDBl7CuKC1A51Cgh9UL67oaKbK3mcBvNKs96VD2IIx7WxkLgk18ocnCNV4Xn3UirVjNGDGI2PBwggg7757uMBtdOOFjfARbPuZ8FEWEWyYW+/XxRwS7f4k/7+NeVRJLmbG9DHZWyWlqGtFblm82cwhhCxah5bcNysQhZebZzY+qqLMfXwCMsUhYOwA0iQphnYK9raDHMKxthhBX8+UHhI2wI3Aj9rgsH49bNtw++NV0FznQrJTREd3CgPrL/G9UGZNbUDVPsrCPgdG4cAV1B3sSGfhrpSTTejDuT9RpizBmvw+E4GepGtDGExndlQZDYS3b8RSqnWhHG+OgrJcW5A4ghJaeTDJN99fZDruYuNI6KW509Httz4FVk2P9qqljbWuxKSQR/7KoHatVU0fOlGyMkoPfHIG5E4hQlPcFj+MGhJeprUGL8Nf9dSICdS0r+3ZrGhhC8OrkULr2DA79FU+QKj0dpc+8j48TzoN0MfSlfK6he8AIvoT8KGbCmPCvn8reoa+PaQii5fZjtKpSL348zZpQdvsIaPaEkHm1OUHzVLq0xZR6uyec2wX7KCJXw6Jsvs0c92W1tgzdxyUP59jREl+hKRANaiZyfH2FEekbDY4M8wekjeNm1Z0eI1azeYRR9BXj2Z07aHWju6cdo+6bO6oKAaA53aOeJkRqbKkq5Dyfl4ORA+LdVnrV4NU3uaQi6FCcKBbPvK9i/RLQf3yBjnExi5+O8tScjYf1/yyUpHNN3fike7gaMm++fyDUkKdy1+X3Sijn/Es0V+y6A6d/JfCVu6WKtA/udjX//Iw7zY5EhEzy5qATmZC/XYl0H7vHKNYK4Bb/Qjc6q1enMLL7SClOXxRyoN2yx2u22Mwh3u2HP+1oIY7sn2H58MCc+7INeTT1+ZRt7F4/DlHIb4eNEo3kGlhJN+UV94xMFOUqyN/1S3VkZBGn+f4SKb6O1qOaEMjEjX/xUVApZj6CiiQy/6xt/ENytmMYMr8sZxZNpsQ+pU5q+sO+/M188w8mpawaiapu0KZf7+R3O8NHve16ewgf4aqxHyFExmUygaDMn1Ht2BTxQwuNbpkzPDpbjraPi/FV/Q0L/1N6miJ2wbhJ54m/obA2LexHc/+l53Duu3ojEimyCj3an+vYW4KNTLsxJK4wQqjl C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\ParetoLogic Registration3.job - C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns C:\Windows\tasks\ParetoLogic Update Version3.job - C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe C:\Windows\tasks\PC Health Advisor Defrag.job - C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe -defrag C:\Windows\tasks\PC Health Advisor.job - C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe -scan ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-20 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-29 461216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20 194504] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-29 170912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-20 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20 194504] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-06-20 167704] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-06-20 392472] "Persistence"=C:\Windows\system32\igfxpers.exe [2011-06-20 416024] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-03-28 2723624] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-06-09 11860072] "Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-05-10 1831528] "InstallerLauncher"=C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe /run:C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-03-13 7451928] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Babylon Client] C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe -AutoStart [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2014-10-08 366904] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "BackupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2011-04-24 297280] "LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-04-19 1097808] "BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-05-30 59280] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848] ""= [] "DivXMediaServer"=C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [2013-12-23 450560] "DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2013-11-15 1861968] "Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2015-12-08 24952456] "CommonToolkitTray"=C:\Program Files (x86)\Fighters\Tray\FightersTray.exe [2015-02-27 1696288] "SWPROguard"=C:\Program Files (x86)\Fighters\SPYWAREfighter\swprotray.exe [2015-07-31 1262120] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2011-06-10 389632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\acengine] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "msacm.vorbis"=vorbis.acm ======File associations====== .inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1 .ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1 .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - "C:\Windows\System32\WScript.exe" "%1" %* .txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1 ======List of files/folders created in the last 1 month====== 2015-12-23 17:38:27 ----D---- C:\Program Files\trend micro 2015-12-23 17:38:18 ----D---- C:\rsit 2015-12-23 17:09:44 ----N---- C:\bootsqm.dat 2015-12-23 17:07:41 ----SHD---- C:\found.011 2015-12-22 17:03:36 ----A---- C:\Windows\ntbtlog.txt 2015-12-22 15:39:48 ----D---- C:\Users\Friso\AppData\Roaming\Apple Computer 2015-12-22 15:30:18 ----A---- C:\Windows\system32\FNTCACHE.DAT 2015-12-22 15:26:38 ----SHD---- C:\found.010 2015-12-21 19:47:41 ----D---- C:\Program Files (x86)\Trend Micro 2015-12-08 21:24:13 ----A---- C:\Windows\SYSWOW64\tzres.dll 2015-12-08 21:24:13 ----A---- C:\Windows\system32\tzres.dll 2015-12-08 21:23:49 ----A---- C:\Windows\SYSWOW64\usp10.dll 2015-12-08 21:23:49 ----A---- C:\Windows\system32\usp10.dll 2015-12-08 21:23:48 ----A---- C:\Windows\SYSWOW64\wuwebv.dll 2015-12-08 21:23:48 ----A---- C:\Windows\SYSWOW64\wups.dll 2015-12-08 21:23:48 ----A---- C:\Windows\SYSWOW64\wudriver.dll 2015-12-08 21:23:48 ----A---- C:\Windows\SYSWOW64\wuapp.exe 2015-12-08 21:23:48 ----A---- C:\Windows\SYSWOW64\wuapi.dll 2015-12-08 21:23:48 ----A---- C:\Windows\system32\wuwebv.dll 2015-12-08 21:23:48 ----A---- C:\Windows\system32\wups2.dll 2015-12-08 21:23:48 ----A---- C:\Windows\system32\wups.dll 2015-12-08 21:23:48 ----A---- C:\Windows\system32\wudriver.dll 2015-12-08 21:23:48 ----A---- C:\Windows\system32\wucltux.dll 2015-12-08 21:23:48 ----A---- C:\Windows\system32\wuaueng.dll 2015-12-08 21:23:48 ----A---- C:\Windows\system32\wuauclt.exe 2015-12-08 21:23:48 ----A---- C:\Windows\system32\wuapp.exe 2015-12-08 21:23:48 ----A---- C:\Windows\system32\wuapi.dll 2015-12-08 21:23:48 ----A---- C:\Windows\system32\wu.upgrade.ps.dll 2015-12-08 21:23:48 ----A---- C:\Windows\system32\WinSetupUI.dll 2015-12-08 21:23:32 ----A---- C:\Windows\SYSWOW64\nlsbres.dll 2015-12-08 21:23:32 ----A---- C:\Windows\SYSWOW64\kbdgeoqw.dll 2015-12-08 21:23:32 ----A---- C:\Windows\SYSWOW64\KBDAZEL.DLL 2015-12-08 21:23:32 ----A---- C:\Windows\SYSWOW64\KBDAZE.DLL 2015-12-08 21:23:32 ----A---- C:\Windows\system32\nlsbres.dll 2015-12-08 21:23:32 ----A---- C:\Windows\system32\kbdgeoqw.dll 2015-12-08 21:23:32 ----A---- C:\Windows\system32\KBDAZEL.DLL 2015-12-08 21:23:32 ----A---- C:\Windows\system32\KBDAZE.DLL 2015-12-08 21:23:24 ----A---- C:\Windows\system32\win32k.sys 2015-12-08 21:23:24 ----A---- C:\Windows\system32\DWrite.dll 2015-12-08 21:23:23 ----A---- C:\Windows\SYSWOW64\DWrite.dll 2015-12-08 21:23:23 ----A---- C:\Windows\system32\user32.dll 2015-12-08 21:23:23 ----A---- C:\Windows\system32\FntCache.dll 2015-12-08 21:23:22 ----A---- C:\Windows\SYSWOW64\user32.dll 2015-12-08 21:23:16 ----A---- C:\Windows\SYSWOW64\wshrm.dll 2015-12-08 21:23:16 ----A---- C:\Windows\system32\wshrm.dll 2015-12-08 21:23:16 ----A---- C:\Windows\system32\drivers\rmcast.sys 2015-12-08 21:23:16 ----A---- C:\Windows\system32\comsvcs.dll 2015-12-08 21:23:16 ----A---- C:\Windows\system32\catsrvut.dll 2015-12-08 21:23:15 ----A---- C:\Windows\SYSWOW64\comsvcs.dll 2015-12-08 21:23:15 ----A---- C:\Windows\SYSWOW64\catsrvut.dll 2015-12-08 21:23:12 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2015-12-08 21:23:12 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll 2015-12-08 21:23:12 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2015-12-08 21:23:12 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2015-12-08 21:23:12 ----A---- C:\Windows\system32\iertutil.dll 2015-12-08 21:23:12 ----A---- C:\Windows\system32\ieetwproxystub.dll 2015-12-08 21:23:12 ----A---- C:\Windows\system32\ieetwcollector.exe 2015-12-08 21:23:11 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2015-12-08 21:23:11 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2015-12-08 21:23:11 ----A---- C:\Windows\SYSWOW64\occache.dll 2015-12-08 21:23:11 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2015-12-08 21:23:11 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2015-12-08 21:23:11 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2015-12-08 21:23:11 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2015-12-08 21:23:11 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-12-08 21:23:11 ----A---- C:\Windows\system32\iernonce.dll 2015-12-08 21:23:11 ----A---- C:\Windows\system32\ie4uinit.exe 2015-12-08 21:23:10 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2015-12-08 21:23:10 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2015-12-08 21:23:09 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2015-12-08 21:23:09 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2015-12-08 21:23:09 ----A---- C:\Windows\system32\urlmon.dll 2015-12-08 21:23:09 ----A---- C:\Windows\system32\occache.dll 2015-12-08 21:23:09 ----A---- C:\Windows\system32\iedkcs32.dll 2015-12-08 21:23:08 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2015-12-08 21:23:08 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2015-12-08 21:23:08 ----A---- C:\Windows\SYSWOW64\jscript.dll 2015-12-08 21:23:08 ----A---- C:\Windows\SYSWOW64\ieui.dll 2015-12-08 21:23:08 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2015-12-08 21:23:08 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2015-12-08 21:23:08 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2015-12-08 21:23:08 ----A---- C:\Windows\system32\msfeeds.dll 2015-12-08 21:23:08 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2015-12-08 21:23:08 ----A---- C:\Windows\system32\dxtrans.dll 2015-12-08 21:23:07 ----A---- C:\Windows\system32\iesetup.dll 2015-12-08 21:23:06 ----A---- C:\Windows\system32\ieapfltr.dll 2015-12-08 21:23:05 ----A---- C:\Windows\SYSWOW64\wininet.dll 2015-12-08 21:23:05 ----A---- C:\Windows\SYSWOW64\webcheck.dll 2015-12-08 21:23:05 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2015-12-08 21:23:05 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2015-12-08 21:23:05 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2015-12-08 21:23:05 ----A---- C:\Windows\system32\vbscript.dll 2015-12-08 21:23:04 ----A---- C:\Windows\SYSWOW64\msrating.dll 2015-12-08 21:23:04 ----A---- C:\Windows\system32\jsproxy.dll 2015-12-08 21:23:04 ----A---- C:\Windows\system32\dxtmsft.dll 2015-12-08 21:23:03 ----A---- C:\Windows\system32\ieui.dll 2015-12-08 21:23:03 ----A---- C:\Windows\system32\ieframe.dll 2015-12-08 21:23:02 ----A---- C:\Windows\system32\mshtmlmedia.dll 2015-12-08 21:23:02 ----A---- C:\Windows\system32\mshtmled.dll 2015-12-08 21:23:02 ----A---- C:\Windows\system32\ieUnatt.exe 2015-12-08 21:23:01 ----A---- C:\Windows\system32\webcheck.dll 2015-12-08 21:23:01 ----A---- C:\Windows\system32\jscript.dll 2015-12-08 21:22:59 ----A---- C:\Windows\system32\jscript9diag.dll 2015-12-08 21:22:58 ----A---- C:\Windows\system32\jscript9.dll 2015-12-08 21:22:57 ----A---- C:\Windows\system32\wininet.dll 2015-12-08 21:22:55 ----A---- C:\Windows\system32\msrating.dll 2015-12-08 21:22:55 ----A---- C:\Windows\system32\MshtmlDac.dll 2015-12-08 21:22:54 ----A---- C:\Windows\system32\mshtml.dll 2015-12-08 21:21:50 ----A---- C:\Windows\SYSWOW64\els.dll 2015-12-08 21:21:50 ----A---- C:\Windows\system32\els.dll ======List of files/folders modified in the last 1 month====== 2015-12-23 17:38:27 ----RD---- C:\Program Files 2015-12-23 17:37:01 ----D---- C:\Windows\Temp 2015-12-23 17:24:38 ----D---- C:\Windows\Prefetch 2015-12-23 17:22:38 ----A---- C:\Windows\SYSWOW64\log.txt 2015-12-22 22:43:03 ----SHD---- C:\System Volume Information 2015-12-22 21:12:29 ----D---- C:\Program Files (x86)\GameSpy Arcade 2015-12-22 20:24:12 ----D---- C:\Windows\system32\config 2015-12-22 17:13:24 ----D---- C:\Windows\system32\catroot2 2015-12-22 17:03:36 ----D---- C:\Windows 2015-12-22 15:46:09 ----D---- C:\Windows\System32 2015-12-22 15:46:09 ----A---- C:\Windows\system32\PerfStringBackup.INI 2015-12-22 15:45:33 ----D---- C:\Windows\system32\NDF 2015-12-22 15:45:26 ----D---- C:\Windows\inf 2015-12-22 00:12:38 ----D---- C:\Program Files (x86)\Internet Explorer 2015-12-21 23:17:34 ----D---- C:\Program Files (x86)\Arma 2 2015-12-21 22:46:16 ----D---- C:\Users\Friso\AppData\Roaming\uTorrent 2015-12-21 20:09:31 ----D---- C:\Program Files\CCleaner 2015-12-21 19:47:42 ----SHD---- C:\Windows\Installer 2015-12-21 19:47:41 ----RD---- C:\Program Files (x86) 2015-12-20 14:15:43 ----D---- C:\Windows\winsxs 2015-12-20 14:15:23 ----SD---- C:\Windows\SYSWOW64\GWX 2015-12-20 14:15:23 ----SD---- C:\Windows\system32\GWX 2015-12-11 20:07:09 ----D---- C:\Program Files (x86)\Dropbox 2015-12-10 17:18:11 ----D---- C:\Windows\Microsoft.NET 2015-12-10 17:17:38 ----RSD---- C:\Windows\assembly 2015-12-10 17:05:20 ----D---- C:\Windows\SYSWOW64\nl-NL 2015-12-10 17:05:20 ----D---- C:\Windows\SysWOW64 2015-12-10 17:05:20 ----D---- C:\Windows\system32\nl-NL 2015-12-10 17:05:17 ----RSD---- C:\Windows\Fonts 2015-12-10 17:05:14 ----D---- C:\Windows\system32\drivers 2015-12-10 17:05:14 ----D---- C:\Windows\ehome 2015-12-10 17:05:11 ----D---- C:\Program Files\Internet Explorer 2015-12-10 17:05:09 ----D---- C:\Windows\SYSWOW64\en-US 2015-12-10 17:05:07 ----D---- C:\Windows\system32\en-US 2015-12-09 15:42:49 ----D---- C:\ProgramData\Microsoft Help 2015-12-09 15:40:29 ----D---- C:\Program Files\Microsoft Silverlight 2015-12-09 15:40:29 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2015-12-04 16:19:06 ----D---- C:\Windows\Tasks 2015-12-02 13:18:58 ----N---- C:\Windows\system32\MpSigStub.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-05 438808] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-03-01 4720704] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152] R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2009-09-17 56344] R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2011-05-10 425000] R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-03-10 18432] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-12-01 250984] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-03-28 1417776] R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-03-10 17408] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S1 PStrip64;PStrip64; C:\Windows\system32\drivers\pstrip64.sys [2006-09-30 13008] S1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2014-10-08 127760] S3 AVFSFilter;AVFSFilter; C:\Windows\system32\DRIVERS\avfsfilter.sys [2015-07-27 13720] S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-06-10 12230912] S3 Impcd;Impcd; C:\Windows\system32\drivers\Impcd.sys [2010-02-26 158976] S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-06-14 2899176] S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-12-23 113880] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 SPPD;SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-04-25 52736] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496] S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== S2 acengine;acengine; C:\Program Files (x86)\FastSearch\acengine.exe [2015-08-11 1839728] S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128] S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-05-24 55184] S2 AV Engine Scanning Service;AV Engine Scanning Service; C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe [] S2 AV Watch Service;AV Watch Service; C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVWatchService.exe [] S2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088] S2 CltMngSvc;Search Protect Service; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [] S2 comyninu;Wire Professional Version; C:\Program Files (x86)\F7AC1E80-1439560795-8148-2585-386077D154ED\hnsc1871.tmp [] S2 dbupdate;Dropbox-update-service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-16 134512] S2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136] S2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-04-19 353872] S2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-05-10 872552] S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-08-14 68608] S2 gopibeko;Kerning Down; C:\Users\Friso\AppData\Local\F7AC1E80-1439568053-8148-2585-386077D154ED\snsmAA92.tmp [] S2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-26 29696] S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200] S2 hyverumu;Key In Bold Italic; C:\Program Files (x86)\F7AC1E80-1439560795-8148-2585-386077D154ED\jnsw2FB.tmp [] S2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2010-05-21 110736] S2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624] S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-09-16 325656] S2 MaxthonUpdateSvc;Maxthon Core Update Service; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2015-08-21 1871784] S2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832] S2 Orbiter;Orbiter; C:\Windows\System32\svchost.exe [2009-07-14 27136] S2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-04-29 75136] S2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-11 193824] S2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496] S2 Suite Service;Suite Service; C:\Program Files (x86)\Fighters\FighterSuiteService.exe [2014-11-04 1282592] S2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-09-16 2538520] S2 xykumyfu;Portal Double Quotes; C:\Program Files (x86)\F7AC1E80-1439560795-8148-2585-386077D154ED\knscE5D5.tmpfs [] S3 dbupdatem;Dropbox-update-service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-16 134512] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-11-21 655624] S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-08-14 68608] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-09-02 194032] S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-11-08 114688] S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2012-06-07 936848] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-28 1255736] S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] -----------------EOF-----------------