Logfile of random's system information tool 1.10 (written by random/random)
Run by Ed at 2016-06-02 16:37:12
Microsoft Windows 8.1
System drive C: has 479 GB (84%) free of 573 GB
Total RAM: 4043 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:37:39, on 2-6-2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Hitachi Software Engineering\FX-DuoDriver\LSDRVA.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
C:\Program Files (x86)\G DATA\InternetSecurity\AVKTray\AVKTray.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe
C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe
C:\Program Files (x86)\Hitachi Software Engineering\StarBoard Driver\DGBoard.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\Program Files (x86)\HitachiSoft\StarBoard Software\win32\release\starboardprintlistener.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files 
(x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\Ed.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Movies Search App (Dist. by Bandoo Media, Inc.) - {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll O3 - Toolbar: Movies Search App (Dist. by Bandoo Media, Inc.) 
- {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4 O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup O4 - HKLM\..\Run: [Redirector] "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN O4 - HKLM\..\Run: [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun O4 - HKLM\..\Run: [G Data ASM] "C:\Program Files (x86)\G DATA\InternetSecurity\DelayLoader\AutorunDelayLoader.exe" /autostart O4 - HKLM\..\Run: [ControlCenter4] "C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe" /autorun O4 - HKLM\..\Run: [MyScriptStylusAutoStart.vbe] "C:\Program Files (x86)\Vision Objects\MyScript Stylus\MyScriptStylusAutoStart.vbe" O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Ed\AppData\Roaming\Spotify\SpotifyWebHelper.exe" O4 - Global Startup: StarBoard Light Sensor Driver.lnk = C:\Program Files (x86)\Hitachi Software Engineering\FX-DuoDriver\LSDRVA.exe O8 - Extra context menu item: &Verzenden naar OneNote - 
res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=ISO-8859-1 - 
{CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA 
Client\IcaMimeFilter.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing) O23 - Service: Ask-updateservice (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe O23 - Service: G DATA ANTIVIRUS Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe O23 - Service: G DATA Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe O23 - Service: G DATA Bestandssysteembewaker (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: Energy Server Service (ESRV_SVC) - Unknown owner - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. 
- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: G DATA Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe O23 - Service: G DATA Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: McAfee Security Scan Component Host Service for Sony (McComponentHostServiceSony) - McAfee, Inc. - C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe O23 - Service: McAfee OOBE Service2 (McOobeSv2) - McAfee, Inc. 
- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee PC Task Scheduler Service (McSchedulerSvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Content Filter (mfeicfcoreocp) - McAfee, Inc. - C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NetworkSupport - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe O23 - Service: VAIO Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe O23 - 
Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: User Energy Server Service (USER_ESRV_SVC) - Unknown owner - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\vuagent.exe O23 - Service: 
@%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- End of file - 18449 bytes ======Listing Processes====== wininit.exe C:\WINDOWS\system32\lsass.exe winlogon.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k RPCSS "dwm.exe" "C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe" "C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe" C:\WINDOWS\system32\atiesrxx.exe C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted C:\WINDOWS\system32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted atieclxx C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\System32\spoolsv.exe C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe" "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files (x86)\Bluetooth Suite\adminservice.exe" "C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe" "C:\Program Files (x86)\G 
DATA\InternetSecurity\AVK\AVKService.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" "C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service "C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service C:\WINDOWS\System32\svchost.exe -k utcsvc dashost.exe {03fe4b4c-d2d5-44f2-80acb84b9144455a} "C:\Program Files\Intel\iCLS Client\HeciServer.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe" "C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc "C:\Windows\system32\mfevtps.exe" "C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe" C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted "C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe" "C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe" C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe "C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe" C:\WINDOWS\SysWOW64\DllHost.exe /Processid:{CB45D4CA-8A34-4EF1-9957-6134E5270E83} "C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe" C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe" -Embedding taskeng.exe {09A8404A-3440-4D6D-B4E5-69A68AB56062} "C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe" /AutoStart taskhostex.exe C:\WINDOWS\Explorer.EXE "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" "C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE" /QuitInfo:00000000000009AC;000000000000097C; /loadhooks /Parent:0000000000001468 "C:\WINDOWS\system32\GWX\GWX.exe" C:\WINDOWS\system32\SearchIndexer.exe /Embedding C:\Windows\System32\skydrive.exe -Embedding "C:\Program 
Files\Realtek\Audio\HDA\RAVBg64.exe" /SONYAPO "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE" "C:\Program Files\iTunes\iTunesHelper.exe" "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun "C:\Program Files (x86)\Hitachi Software Engineering\FX-DuoDriver\LSDRVA.exe" "C:\Program Files\iPod\bin\iPodService.exe" "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" C:\WINDOWS\system32\DllHost.exe /Processid:{B32DAC50-97B2-4BF7-A8DB-418294621529} "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4 "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup "C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe" /AUTORUN "C:\Program Files (x86)\G DATA\InternetSecurity\AVKTray\AVKTray.exe" "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" "C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe" "C:\Program Files (x86)\Citrix\Receiver\Receiver.exe" -autoupdate -startplugins "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow "C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe" "C:\Program Files (x86)\Hitachi Software Engineering\StarBoard Driver\DGBoard.exe" "C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe" /Stationary "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" https://download.dm.origin.com/origin/live/OriginSetup.exe "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl 
--force-fieldtrials=DomRel-Enable/enable/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GFE/Default/Prerender/Prerender15minTTL/RememberCertificateErrorDecisions/Default/SafeBrowsingIncidentReportingService/Default/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_33/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --channel="4020.1.1131091188\1304548555" /prefetch:673131151 "C:\Windows\System32\SettingSyncHost.exe" -Embedding "C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe" "C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe" -Embedding "C:\Program Files (x86)\HitachiSoft\StarBoard Software\win32\release\starboardprintlistener.exe" "C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe" C:\WINDOWS\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe" "C:\Program Files\Sony\VAIO Improvement\vim.exe" -System "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 "C:\Program Files\Sony\VAIO Improvement\vim.exe" -User "C:\Program Files\Sony\VAIO Care\VCSystemTray.exe" -versionsave -reminder -autoupdate "C:\Program Files\Sony\VAIO Update\vuagent.exe" "C:\WINDOWS\system32\mspaint.exe" "C:\Program Files\Internet Explorer\iexplore.exe" 
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4084 CREDAT:267521 /prefetch:2 "C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltSur64.exe" 5e8 C:\WINDOWS\system32\wbem\wmiprvse.exe "C:\Program Files\Sony\VAIO Care\VCService.exe" "C:\Program Files\Sony\VAIO Care\VCAgent.exe" \??\C:\WINDOWS\system32\conhost.exe 0x4 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=DomRel-Enable/enable/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GFE/Default/Prerender/Prerender15minTTL/RememberCertificateErrorDecisions/Default/SafeBrowsingIncidentReportingService/Default/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_33/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --disable-gpu-compositing --channel="4020.16.865074916\2004600903" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4020.18.2109943507\676696567" --use-gl=swiftshader --supports-dual-gpus=false --swiftshader-path="C:\Users\Ed\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159" --gpu-driver-bug-workarounds=1,16 --gpu-vendor-id=0x1002 --gpu-device-id=0x6841 --gpu-driver-vendor="Advanced Micro Devices, Inc." 
--gpu-driver-version=13.251.9001.1001 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=DomRel-Enable/enable/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GFE/Default/Prerender/Prerender15minTTL/RememberCertificateErrorDecisions/Default/SafeBrowsingIncidentReportingService/Default/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_33/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --disable-gpu-compositing --channel="4020.19.1895091359\1623451208" /prefetch:673131151 "C:\Program Files (x86)\Origin\Origin.exe" /Updating "C:\Program Files\Microsoft Office\Office15\WINWORD.EXE" "C:\Windows\System32\WWAHost.exe" -ServerName:Windows.Store C:\Windows\System32\RuntimeBroker.exe -Embedding "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=DomRel-Enable/enable/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GFE/Default/Prerender/Prerender15minTTL/RememberCertificateErrorDecisions/Default/SafeBrowsingIncidentReportingService/Default/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_33/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview 
--enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --disable-gpu-compositing --channel="4020.26.1605541189\218678863" /prefetch:673131151
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe -Embedding
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv
"C:\WINDOWS\system32\wuauclt.exe" /RunHandlerComServer
"C:\Users\Ed\Downloads\RSITx64.exe"
taskhost.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\4d0ec2e7-584d-427b-a601-b9b87a4eb405-1.job - C:\Program Files (x86)\Cinema 4u\Cinema 4u-codedownloader.exe /rawdata=
C:\WINDOWS\tasks\4d0ec2e7-584d-427b-a601-b9b87a4eb405-11.job - C:\Program Files (x86)\Cinema 4u\4d0ec2e7-584d-427b-a601-b9b87a4eb405-11.exe /rawdata=
C:\WINDOWS\tasks\4d0ec2e7-584d-427b-a601-b9b87a4eb405-4.job - C:\Program Files (x86)\Cinema 4u\4d0ec2e7-584d-427b-a601-b9b87a4eb405-4.exe /rawdata=
C:\WINDOWS\tasks\4d0ec2e7-584d-427b-a601-b9b87a4eb405-5.job - C:\Program Files (x86)\Cinema 4u\4d0ec2e7-584d-427b-a601-b9b87a4eb405-5.exe /rawdata=
C:\WINDOWS\tasks\4d0ec2e7-584d-427b-a601-b9b87a4eb405-5_user.job - C:\Program Files (x86)\Cinema 4u\4d0ec2e7-584d-427b-a601-b9b87a4eb405-5.exe /rawdata=
C:\WINDOWS\tasks\4d0ec2e7-584d-427b-a601-b9b87a4eb405-6.job - C:\Program Files (x86)\Cinema 4u\4d0ec2e7-584d-427b-a601-b9b87a4eb405-6.exe /rawdata=
C:\WINDOWS\tasks\4d0ec2e7-584d-427b-a601-b9b87a4eb405-7.job - C:\Program Files (x86)\Cinema 4u\4d0ec2e7-584d-427b-a601-b9b87a4eb405-7.exe /rawdata=
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-08-12 218776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-07 551848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-13 64640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25 2111616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a}]
Movies Search App (Dist. by Bandoo Media, Inc.) 
- C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx64.dll [2014-07-03 131456] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL [2014-07-27 2335960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-07 212904] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-08-12 153248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-07 460712] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25 1637504] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a}] Movies Search App (Dist. by Bandoo Media, Inc.) 
- C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll [2014-07-03 115584] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2014-07-27 1730256] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-07 172968] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} - Movies Search App (Dist. by Bandoo Media, Inc.) - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx64.dll [2014-07-03 131456] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} - Movies Search App (Dist. by Bandoo Media, Inc.) - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll [2014-07-03 115584] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-08-20 1214608] "BtTray"=C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [2012-08-13 764032] "BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-08-13 127616] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-05-27 3928264] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-08-13 170256] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-08-26 55100016] "EADM"=C:\Program Files (x86)\Origin\Origin.exe [2016-04-20 3639280] "Spotify Web Helper"=C:\Users\Ed\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2016-04-16 1525360] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "ISBMgr.exe"=C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe 
[2012-08-18 68776] "PMBVolumeWatcher"=C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2012-07-27 724576] "Adobe Reader Speed Launcher"=c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2015-09-24 40336] "Intel AppUp(SM) center"=C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [2012-06-25 152896] "ConnectionCenter"=C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [2014-09-03 395616] "Redirector"=C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [2014-09-03 153952] "ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2016-02-12 1600072] "BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2014-05-22 4513792] "BrHelp"=C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2013-01-18 2009088] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-07-04 766688] "G Data ASM"=C:\Program Files (x86)\G DATA\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [2015-02-20 434296] "ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun [] "MyScriptStylusAutoStart.vbe"=C:\Program Files (x86)\Vision Objects\MyScript Stylus\MyScriptStylusAutoStart.vbe [2011-09-09 1161] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup StarBoard Light Sensor Driver.lnk - C:\Program Files (x86)\Hitachi Software Engineering\FX-DuoDriver\LSDRVA.exe [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "VIDC.YUY2"=msyuv.dll "vidc.i420"=iyuv_32.dll "msacm.msgsm610"=msgsm32.acm "msacm.msg711"=msg711.acm "VIDC.YVYU"=msyuv.dll "VIDC.YVU9"=tsbyuv.dll "wavemapper"=msacm32.drv 
"midimapper"=midimap.dll "VIDC.UYVY"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.mrle"=msrle32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "vidc.msvc"=msvidc32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "MSVideo8"=VfWWDM32.dll ======File associations====== .inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1 .ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1 .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - "C:\WINDOWS\System32\WScript.exe" "%1" %* .txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1 ======List of files/folders created in the last 1 month====== 2016-06-02 16:37:13 ----D---- C:\Program Files\trend micro 2016-06-02 16:37:11 ----D---- C:\rsit ======List of files/folders modified in the last 1 month====== 2016-06-02 16:37:20 ----D---- C:\WINDOWS\Temp 2016-06-02 16:37:13 ----RD---- C:\Program Files 2016-06-02 16:36:53 ----D---- C:\WINDOWS\WinSxS 2016-06-02 16:36:29 ----D---- C:\WINDOWS\CbsTemp 2016-06-02 16:36:10 ----D---- C:\WINDOWS\Prefetch 2016-06-02 16:21:42 ----D---- C:\ProgramData\Origin 2016-06-02 16:21:42 ----D---- C:\Program Files (x86)\Origin 2016-06-02 16:21:22 ----SHD---- C:\WINDOWS\Installer 2016-06-02 16:05:38 ----SHD---- C:\System Volume Information 2016-06-02 15:59:21 ----A---- C:\WINDOWS\SYSWOW64\log.txt 2016-06-02 15:55:30 ----D---- C:\ProgramData\MOCP 2016-06-02 05:23:59 ----D---- C:\Users\Ed\AppData\Roaming\Skype 2016-05-31 04:43:32 ----HD---- C:\Program Files\WindowsApps 2016-05-31 04:34:26 ----D---- C:\WINDOWS\AppReadiness 2016-05-28 09:02:48 ----D---- C:\WINDOWS\System32 2016-05-28 09:02:47 ----D---- C:\WINDOWS\system32\drivers 2016-05-28 08:46:57 ----D---- C:\WINDOWS\system32\NDF 2016-05-27 20:45:00 ----D---- C:\WINDOWS\Inf 2016-05-27 20:45:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2016-05-27 20:34:42 ----RD---- C:\Program Files (x86)\Skype 2016-05-27 17:34:50 ----D---- 
C:\WINDOWS\system32\config 2016-05-14 12:09:25 ----D---- C:\WINDOWS\system32\Tasks 2016-05-11 14:27:11 ----D---- C:\WINDOWS\system32\catroot2 2016-05-09 18:58:14 ----HD---- C:\$WINDOWS.~BT 2016-05-09 18:29:40 ----DC---- C:\WINDOWS\Panther 2016-05-07 13:10:00 ----D---- C:\WINDOWS\system32\sru ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 GDBehave;GDBehave; C:\WINDOWS\system32\drivers\GDBehave.sys [2016-03-19 160768] R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-08-23 645952] R0 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2013-11-15 782360] R0 mfewfpk;McAfee Inc. mfewfpk; C:\WINDOWS\system32\drivers\mfewfpk.sys [2013-11-15 343696] R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536] R1 ctxusbm;Citrix USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\ctxusbm.sys [2014-08-27 96184] R1 GDKBB;G Data GDKBB Driver; \??\C:\WINDOWS\system32\drivers\GDKBB64.sys [2016-03-19 37400] R1 GDKBFlt;G Data GDKBFlt Driver; \??\C:\Windows\system32\drivers\GDKBFlt64.sys [2016-03-19 29720] R1 GDMnIcpt;GDMnIcpt; \??\C:\Windows\system32\drivers\MiniIcpt.sys [2016-03-19 246272] R1 gdwfpcd;G Data WFP CD; C:\WINDOWS\system32\drivers\gdwfpcd64.sys [2016-03-19 77848] R1 GRD;G Data Rootkit Detector Driver; \??\C:\Windows\system32\drivers\GRD.sys [2015-05-01 106272] R1 HookCentre;HookCentre; \??\C:\Windows\system32\drivers\HookCentre.sys [2016-03-19 134656] R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2014-07-21 13209088] R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2014-07-21 626688] R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-06-18 3680256] R3 AtiHDAudioService;@oem11.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdW86.sys [2012-08-20 98472] R3 
BTATH_BUS;@oem29.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2012-08-13 33944] R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-04-28 599240] R3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth-stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2015-01-30 132608] R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator-service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248] R3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth handsfree; C:\WINDOWS\system32\DRIVERS\BthHfAud.sys [2014-10-08 32768] R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy-stuurprogramma; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-09-24 226304] R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 118272] R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;USB-stuurprogramma voor Bluetooth-radio; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920] R3 GDPkIcpt;GDPkIcpt; \??\C:\Windows\system32\drivers\PktIcpt.sys [2016-03-19 92160] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-08-20 4102928] R3 MEIx64;@oem12.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784] R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424] R3 RSPCIESTOR;@oem14.inf,%Rts5208%;Realtek PCIE CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPStor.sys [2012-08-07 339600] R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT-stuurprogramma; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360] R3 semav6msr64;semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [2015-10-29 29352] R3 SFEP;@oem26.inf,%SvcDesc%;Sony Firmware Extension Parser; C:\WINDOWS\System32\drivers\SFEP.sys [2012-07-11 14336] R3 
SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-05-27 42696] R3 SOWS;@oem27.inf,%SOWS%;Sony Wireless State Device; C:\WINDOWS\System32\drivers\sows.sys [2012-06-11 24280] R3 StarBoardMT;@oem1.inf,%StarBoardMT.SVCDESC%;StarBoard Software Multi-touch; C:\WINDOWS\System32\drivers\StarBoardMT.sys [2012-09-03 28968] R3 SynTP;@oem64.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2015-05-27 626888] R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736] S0 GDElam;GDElam; C:\WINDOWS\system32\DRIVERS\GDElam.sys [2015-01-08 117904] S3 BTATH_LWFLT;@oem14.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [] S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Stuurprogramma voor Bluetooth-poort; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664] S3 Ctxusbr;@oem23.inf,%SERVICE_DESC%;Citrix USB Redirection Driver; C:\WINDOWS\System32\drivers\ctxusbr.sys [2014-08-12 69736] S3 dg_ssudbus;@oem45.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800] S3 mfeapfk;McAfee Inc. 
mfeapfk; C:\WINDOWS\system32\drivers\mfeapfk.sys [2013-11-15 179792] S3 semav6thermal64ro;semav6thermal64ro; \??\C:\Windows\system32\drivers\semav6thermal64ro.sys [2015-08-16 13792] S3 ssudmdm;@oem47.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080] S3 USBAAPL64;@oem17.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl64.sys [2015-06-10 54784] S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Stuurprogramma voor USB-scanner; C:\WINDOWS\System32\drivers\usbscan.sys [2014-10-29 44544] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-04-22 82128] R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2014-07-21 239616] R2 APNMCP;Ask-updateservice; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2016-01-05 198216] R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-05-29 77128] R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-08-13 211584] R2 AVKProxy;G DATA ANTIVIRUS Proxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2016-02-18 2790368] R2 AVKService;G DATA Scheduler; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe [2016-02-11 970872] R2 AVKWCtl;G DATA Bestandssysteembewaker; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [2016-02-18 4068592] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-05-25 1364096] R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files 
(x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-05-25 1687680] R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792] R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-08-07 2445968] R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104] R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856] R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720] R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824] R2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928] R2 McSchedulerSvc;McAfee PC Task Scheduler Service; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928] R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2013-11-15 182752] R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-07-27 474208] R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376] R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe [2012-08-18 68776] R3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792] R3 GDFwSvc;G DATA Personal Firewall; C:\Program Files (x86)\G 
DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [2016-03-04 3219872] R3 GDScan;G DATA Scanner; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [2016-02-18 791160] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2015-08-13 644880] R3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2015-07-23 59928] S2 ESRV_SVC;Energy Server Service; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2015-08-26 413336] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-04 116648] S2 McOobeSv2;McAfee OOBE Service2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296] S3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-09-25 282112] S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696] S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-04 116648] S3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [2013-10-16 235216] S3 mfeicfcoreocp;McAfee Content Filter; C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe [2013-12-31 2782392] S3 NetworkSupport;NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [2013-09-28 625240] S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2016-05-02 2120712] S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760] S3 SOHCImp;VAIO Content Importer; C:\Program Files 
(x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2012-08-08 123616] S3 SOHDms;VAIO Digital Media Server; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2012-08-08 460512] S3 SOHDs;VAIO Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2012-08-08 78048] S3 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-01 289952] S3 USER_ESRV_SVC;User Energy Server Service; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2015-08-26 413336] S3 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2012-07-19 476328] S3 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2012-08-08 972000] -----------------EOF-----------------