Logfile of random's system information tool 1.10 (written by random/random) Run by siemen roosje at 2014-12-10 17:55:40 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 170 GB (56%) free of 305 GB Total RAM: 7655 MB (45% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:55:44, on 10/12/2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17420) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files (x86)\AVG\AVG2013\avgui.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\AVG Web TuneUp\vprot.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Program Files (x86)\Java\jre7\bin\javaw.exe C:\Program Files (x86)\Java\jre7\bin\javaw.exe c:\PROGRA~2\mcafee\SITEAD~1\saui.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\siemen roosje.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1404322184&from=cor&uid=TOSHIBAXMK6476GSXN_22G6C08UTXX22G6C08UT R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-page.com/?type=hp&ts=1404322184&from=cor&uid=TOSHIBAXMK6476GSXN_22G6C08UTXX22G6C08UT R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1404322184&from=cor&uid=TOSHIBAXMK6476GSXN_22G6C08UTXX22G6C08UT R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1404322184&from=cor&uid=TOSHIBAXMK6476GSXN_22G6C08UTXX22G6C08UT&q={searchTerms} R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1404322184&from=cor&uid=TOSHIBAXMK6476GSXN_22G6C08UTXX22G6C08UT&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-page.com/?type=hp&ts=1404322184&from=cor&uid=TOSHIBAXMK6476GSXN_22G6C08UTXX22G6C08UT R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll O2 - BHO: CrossriderApp0063311 - {11111111-1111-1111-1111-110611331111} - C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-bho.dll O2 - BHO: CrossriderApp0063313 - {11111111-1111-1111-1111-110611331113} - C:\Program Files (x86)\TheGoPhoto.it V10\TheGoPhoto.it V10-bho.dll O2 - BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing) O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (file missing) O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120816122647.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: DataMngr - {B939CF93-F2CB-443d-956C-DC523D85C9DB} - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\BROWSE~1.DLL (file missing) O2 - BHO: Wincore Mediabar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll (file missing) O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: TBSB09850 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\ChatZum Toolbar\tbunsrC3D6.tmp\tbcore3.dll (file missing) O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: ChatZum Toolbar - {37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1} - C:\Program Files (x86)\ChatZum Toolbar\tbunsrC3D6.tmp\tbcore3.dll (file missing) O3 - Toolbar: Wincore Mediabar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll (file missing) O3 - Toolbar: Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START O4 - HKLM\..\Run: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60 O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe /boot O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" O4 - HKCU\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKCU\..\Run: [TBHostSupport] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\siemen roosje\AppData\Local\TBHostSupport\TBHostSupport_0.dll",DLLRunTBHostSupportPlugin O4 - HKCU\..\Run: [HP Photosmart 5520 series (NET)] "C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN3AV5379M0602:NW" -scfn "HP Photosmart 5520 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [APISupport] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\siemen roosje\AppData\Local\TB\APISupport\APISupport.dll",DLLRunAPISupport O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-2652864501-1178246780-2758921404-1000\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR (User 'User') O4 - HKUS\S-1-5-21-2652864501-1178246780-2758921404-1000\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent (User 'User') O4 - HKUS\S-1-5-21-2652864501-1178246780-2758921404-1000\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (User 'User') O4 - HKUS\S-1-5-21-2652864501-1178246780-2758921404-1000\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (User 'User') O4 - HKUS\S-1-5-21-2652864501-1178246780-2758921404-1000\..\Run: [iLivid] "C:\Users\User\AppData\Local\iLivid\iLivid.exe" -autorun (User 'User') O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user') O4 - S-1-5-21-2652864501-1178246780-2758921404-1000 Startup: Inktwaarschuwingen controleren - HP Photosmart 5510 series (netwerk).lnk = ? (User 'User') O4 - S-1-5-21-2652864501-1178246780-2758921404-1000 Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'User') O4 - S-1-5-21-2652864501-1178246780-2758921404-1000 User Startup: Inktwaarschuwingen controleren - HP Photosmart 5510 series (netwerk).lnk = ? (User 'User') O4 - S-1-5-21-2652864501-1178246780-2758921404-1000 User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'User') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') O4 - Startup: MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe O4 - Global Startup: Toshiba Places Icon Utility.lnk = C:\Program Files\Toshiba\TOSHIBA Places Icon Utility\TosDIMonitor.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Toevoegen aan TOSHIBA Bulletin Board - res://C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (file missing) O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.2.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~1.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Unknown owner - C:\Program Files (x86)\MyPC Backup\BackupStack.exe (file missing) O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Hercules DJ Control MP3 (HerculesDJControlMP3) - Hercules® - C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing) O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater3.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WebCake Desktop Updater - cake bake - C:\Program Files (x86)\Movdap\WBDesktop.Updater.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 23188 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=68689e2b-3ced-4203-b910-0010bcd78e39 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\70d5a12c-fce0-4864-a16c-8c135f729125-1e0-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\" %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs atieclxx C:\Windows\system32\svchost.exe -k NetworkService C:\ProgramData\IePluginServices\PluginService.exe -service C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe" "C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe" "C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE" "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc "taskhost.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe" "C:\Windows\system32\mfevtps.exe" "C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe" C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\TODDSrv.exe "C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe" "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe" "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties" \??\C:\Windows\system32\conhost.exe "699502470-20587347151637481006-14391491381204797657-2112670672-400778395-245615675 "C:\Program Files (x86)\Movdap\WBDesktop.Updater.exe" "C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe" "C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe" "C:\Program Files\Toshiba\Power Saver\TPwrMain.exe" "C:\Program Files\Toshiba\FlashCards\TCrdMain.exe" "C:\Program Files\Toshiba\TECO\Teco.exe" /r "C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe" "C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe" /STAR "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN3AV5379M0602:NW" -scfn "HP Photosmart 5520 series (NET)" -AutoStart 1 "C:\Windows\SysWOW64\rundll32.exe" "C:\Users\siemen roosje\AppData\Local\TB\APISupport\APISupport.dll",DLLRunAPISupport "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun "C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe" "C:\Program Files\mcafee.com\agent\mcagent.exe" /runkey "C:\Windows\SysWOW64\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait "C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\x64\saHook.dll", saHooker_Initialize_and_Wait "C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe" "C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe" "C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe" "C:\Program Files\Toshiba\TOSHIBA Places Icon Utility\TosDIMonitor.exe" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" taskeng.exe {F81CF776-7A51-4319-ABC1-2EC047B00B21} "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" "C:\Program Files\TOSHIBA\TECO\TecoService.exe" WLIDSvcM.exe 5360 "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe" "C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe" "C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe" "C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe" "\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe" "C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe" "C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe" /boot "C:\Program Files\iPod\bin\iPodService.exe" "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-38858640-64ac-4af7-8300-c6ea4c8f03ae -SystemEventPortName:HostProcess-34b65a9f-186f-485e-8f04-b354d940d5b1 -IoCancelEventPortName:HostProcess-63de0d7c-1eb3-433f-921e-dbe092b603ca -NonStateChangingEventPortName:HostProcess-494740a0-063c-487a-913c-474992240640 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:79dde831-e144-4d9f-9742-9c0c2ccd5a6d -DeviceGroupId:WpdFsGroup C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe" "C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe" "C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe" "C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe" "C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe" "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe" C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe "C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe" -Embedding C:\Windows\system32\wbem\unsecapp.exe -Embedding "C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe" "C:\Program Files (x86)\Java\jre7\bin\javaw.exe" -jar "C:\Users\siemen roosje\Desktop\minecraft 1.6.4.jar" "C:\Program Files (x86)\Java\jre7\bin\javaw.exe" -Xmx1G "-Djava.library.path=C:\Users\siemen roosje\Documents\versions\1.7.2\1.7.2-natives-398439825551" -cp "C:\Users\siemen roosje\Documents\libraries\java3d\vecmath\1.3.1\vecmath-1.3.1.jar;C:\Users\siemen roosje\Documents\libraries\net\sf\trove4j\trove4j\3.0.3\trove4j-3.0.3.jar;C:\Users\siemen roosje\Documents\libraries\com\ibm\icu\icu4j-core-mojang\51.2\icu4j-core-mojang-51.2.jar;C:\Users\siemen roosje\Documents\libraries\net\sf\jopt-simple\jopt-simple\4.5\jopt-simple-4.5.jar;C:\Users\siemen roosje\Documents\libraries\com\paulscode\codecjorbis\20101023\codecjorbis-20101023.jar;C:\Users\siemen roosje\Documents\libraries\com\paulscode\codecwav\20101023\codecwav-20101023.jar;C:\Users\siemen roosje\Documents\libraries\com\paulscode\libraryjavasound\20101123\libraryjavasound-20101123.jar;C:\Users\siemen roosje\Documents\libraries\com\paulscode\librarylwjglopenal\20100824\librarylwjglopenal-20100824.jar;C:\Users\siemen roosje\Documents\libraries\com\paulscode\soundsystem\20120107\soundsystem-20120107.jar;C:\Users\siemen roosje\Documents\libraries\io\netty\netty-all\4.0.10.Final\netty-all-4.0.10.Final.jar;C:\Users\siemen roosje\Documents\libraries\com\google\guava\guava\15.0\guava-15.0.jar;C:\Users\siemen roosje\Documents\libraries\org\apache\commons\commons-lang3\3.1\commons-lang3-3.1.jar;C:\Users\siemen roosje\Documents\libraries\commons-io\commons-io\2.4\commons-io-2.4.jar;C:\Users\siemen roosje\Documents\libraries\net\java\jinput\jinput\2.0.5\jinput-2.0.5.jar;C:\Users\siemen roosje\Documents\libraries\net\java\jutils\jutils\1.0.0\jutils-1.0.0.jar;C:\Users\siemen roosje\Documents\libraries\com\google\code\gson\gson\2.2.4\gson-2.2.4.jar;C:\Users\siemen roosje\Documents\libraries\com\mojang\authlib\1.3\authlib-1.3.jar;C:\Users\siemen roosje\Documents\libraries\org\apache\logging\log4j\log4j-api\2.0-beta9\log4j-api-2.0-beta9.jar;C:\Users\siemen roosje\Documents\libraries\org\apache\logging\log4j\log4j-core\2.0-beta9\log4j-core-2.0-beta9.jar;C:\Users\siemen roosje\Documents\libraries\org\lwjgl\lwjgl\lwjgl\2.9.0\lwjgl-2.9.0.jar;C:\Users\siemen roosje\Documents\libraries\org\lwjgl\lwjgl\lwjgl_util\2.9.0\lwjgl_util-2.9.0.jar;C:\Users\siemen roosje\Documents\versions\1.7.2\1.7.2.jar" net.minecraft.client.main.Main --username MrAWESOMME --version 1.7.2 --gameDir "C:\Users\siemen roosje\Documents" --assetsDir "C:\Users\siemen roosje\Documents\assets" --uuid id --accessToken ${auth_access_token} "C:\PROGRA~1\McAfee\MSC\mcsvrcnt.exe" /forever "c:\PROGRA~2\mcafee\SITEAD~1\saui.exe" -Embedding "C:\Windows\system32\wuauclt.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="15240.0.1852738690\530556324" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17,38 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x0000 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.911.6.0 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/ControlBootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_21/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="15240.1.842519635\1504632119" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/ControlBootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_21/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="15240.6.1265429071\1133366005" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/ControlBootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_21/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="15240.7.507386991\831132519" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/ControlBootstrap/ExtensionInstallVerification/Enforce/GCM/Disabled/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_21/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="15240.8.1482580496\1055971844" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/ControlBootstrap/ExtensionInstallVerification/Enforce/GCM/Disabled/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_21/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="15240.9.5267171\338161289" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/ControlBootstrap/ExtensionInstallVerification/Enforce/GCM/Disabled/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_21/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="15240.10.1728108115\1620342775" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/ControlBootstrap/ExtensionInstallVerification/Enforce/GCM/Disabled/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_21/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="15240.11.1854403924\300301659" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/ControlBootstrap/ExtensionInstallVerification/Enforce/GCM/Disabled/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_21/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="15240.12.81859578\1411930566" /prefetch:673131151 C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe" --parent-window=0 chrome-extension://fheoggkfdfchfphceeifdbepaooicaho/ < \\.\pipe\chrome.nativeMessaging.in.212a741a4759fe87 > \\.\pipe\chrome.nativeMessaging.out.212a741a4759fe87 \??\C:\Windows\system32\conhost.exe "714074499-6020471191653171138-146170543-11312120982042488035-1959351917-2032819529 "C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe" --parent-window=0 chrome-extension://fheoggkfdfchfphceeifdbepaooicaho/ "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="15240.15.688147706\48014058" --ppapi-flash-args=enable_hw_video_decode=1 --lang=nl --ignored=" --type=renderer " /prefetch:-632637702 taskeng.exe {25E2AAD8-5574-4422-BCDF-E40D634ED557} "C:\Program Files (x86)\TheGoPhoto.it V10\5a51060d-5d72-4ec2-b062-28ff8ada1ca1-6.exe" /rawdata=px5D5l/sBphHmfb+dViIEZS0kCwVpAy5/5i9Z5xscvQGZNgp7W93w6Y3QPFM6p42DOnNHvh2BfwJ4V83zMDJ4a7VJHRzWLqgLAMet44S+MFpWfHU5nsCqeZ0C5PKh+WUjeaOIq56vJ1tBWopj2PztSWGanX5ufGTE9Cf3hpUDm2mpcXZOGH0121QkCXy+TbZ3YNUTsdj5/U1FUcEuJ1WQkuDGTS6koaYCAq0kgm2tuciZtzxVmqvtMAIrwCg+CIPDmbPl+bjkqUkAcMnKqQ+34ddQmK1DROSk6W+GAs63hbzbOeTs6M/0zfEN7x81Rbow4NvNGLqUYJmn51+41/kia0rqnfgGZVlCFroArCDGwa4dyhl1r+kD5E/b4PHI8kM/uZpWypCoUS9pF/mhpMCCUrDiTYleEk5RXPWusMR3KH91uhxq5qYCWNsfEpSba+LbHuIDJld1mmaYRqSwPA30YdFT0h7kilVY1fLFI/yp3BSsWuTkiW5tXbxs8VxpUhLgliOoGX4mt+4fBJYqimY1uoTi4kfb12ahe7PjGWYZGik/6r3RuNerQpO75JsXl9PS8EAhuufNZMU1PzPZcfK88FNnKJB77ZK2ZFFGQ+NKUfqratvcnCxXWNhMbNlBJhmbc23W1UoAx4/BTgnbbPPHMLG4OqbWZYrJeaA29+BdwKf/WJGkulnokRC9UK5QB6CWVP4l4nSire+nCEZy/VUWD9RJPsYQXpyR8GKX7B5tuf2gyU4uTGHzLDukUGpLAuh/lqo2NfhhP4LNPClXXmcPkT4ilGxaSeytOxDtyn/fwzKbOY/8naO61fZAvqjh4805KgRytH2ZENNeoxjhoNsAk5qbLggIhaDjxZnCE5PEeVXdji68W/110wHxCRXhuR7U4L/5RLu6I6L96eHhLgWYdkcDBp5Hg/IMi+0bYAmd7H0H+hQq+oSKdzyvmX4bszHkorNf+/0+Ja5udK3A+FNZ/r4uAYKpzcag04NIb2YGaRXUwJ/OmUz7F4aBYGO5tWxdh9oikJyNoh8NE7EDMML2/UxfWP4vMaC85J3EQTce+Et/JJfx5RiUXdum7NfVbYAFiVcpFovCCIDqf3uHiOc5Q1LJsHnIExndWwriEBXDHfdDKd96WzW2zwPAtBy0tXBNZ0BhxgndCnx3QN/DLlbZtpVFSwJGydpTuXlneQCyggr1fcKbqi8PhCjI9sCEtL2EeqFn63UhNWYGImiCHYAfdKy6sVNIxdXZpohLSrCFszT2aTrhFCfntay1lSjk+SkAYUarO6l79dveiY/qP9qiysavGaXa4aKDdV3rcDU+sg3yQtRRZuK+MgE8pavnWt2H8ocDu9hbAoyOgF7Dq4/qiREdLeqjJHQ98I7MYUDKOB99LWgVeNWPaHVawsO8dcmfkZ8fkSgNIVxDIaxp/KjV3PuDfK+f17utqp929hEuablp8BcRdO65hfPDSgN5l8qVP1tt/xWYMRDs/Db0u1igfaD+LRgAJj9wMq+luk340La4qKo4QLTuIc00+V0KTpn "C:\Windows\system32\NOTEPAD.EXE" C:\rsit\info.txt "C:\Windows\system32\NOTEPAD.EXE" C:\rsit\log.txt "C:\Users\siemen roosje\Desktop\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\5a51060d-5d72-4ec2-b062-28ff8ada1ca1-1.job - C:\Program Files (x86)\TheGoPhoto.it V10\TheGoPhoto.it V10-codedownloader.exe /rawdata=e2sl1ucUFA1xjpHI8bDL0+DkNWcmwwNBtrCrFfUNE0xLylz+5TvnLIQaOCIZ7OrFv+Ejko1qB1sdno2piyggkqgT3pG/fRpVtEtXarHAHVnwPYK0j8hGyxeiF6MvEnaMxbBop3BWLwBhYsKUj3rbOgrpeQLUFHkFNQ8jREg4fhxSuooYJs/E6MQSUqwXm3b/mziyAN/TNHAwCac1V3tkwbAVNU1d62UozvwkTeHsJEbp1ghthgRYotYrvGLPoxrkcq3LU/xvzB04G8fMQnEIm3tGj1gZMp8ZyjpzKMH8cnW4ZAoNMl1aqpWs4/ztfGivHmYURVbZaQhD6oUcR7ZbGSkPtSVInFSLVcWAN5GxKjvePU7cRdCnWnPB2zf3QHaiekwXLtQ/NeUhCalOYbSgulXlXtKADhW1VRBXEN2y3f8tNL0FZMvwB9+Uq4xy93edlKmDpD3YmgMhFuNshlx2YcnvL2Via1uQMrAKQslyCNYIdw/iwhgOdeOkkTC4qIItk4LcImbOMkSSctoyjLewyGs6nIXHvsrc/Sxutb0JS3Rd6pz7bgyb3rgnmp4qXBeI7cXoq4Zc6/1DNzJtulCCajNr1nn54EvAQigJNzY6nvNGc2O1MiNvsKoKN/ixMV5xHhdsKKaU8sh0j6mWkCWGGFJ2tDlOYCymf8YU4+x2GJhKhCAyk2Xj6Vk1IjBVhfMlGZRkS7qpXIM8J7EsHFsj7fpzHS7BLW5Xp/j4k0KascyA3Vpb9RfCvOpHsSoc9dJcqgYsY+i4Pqyzgd6CS3hp4LpKu8UCDhjHJYNeC0TqWk8c8jioGyTVpwUqOtWcTMHsIL+gQXtDKxAkGP+v+QxI5KEbIS4MuFNW5EAEsvEpDdvuiKVw4BaKlHX540QpZB2ArLm7yT3gmogzLt0/neODSaM/WO1+EUtwnqFHwjUPZtHeNFlsZxOYbqQOK6KGuxzANu4sq9uX8Yftc8S8h28+8B6wqJA4yXTAbgMbVUlW0kNsC4x2vFHEN+3L898NZN5DLWm66oWf/kD42sKZf9G0j4dzj3ROUUcc487naTcFY6KiqNIrSFhX5tcC9n5z9wiqBxJMIqjAcO8w5EBAuOOveCuRlK7bZrKcS1B8xmmv7vVsXzsz4/yI5rF8tfSY0oYsOc6fceoe9G4dD7U3446+aA//cEQ6yQFZDRnkfB2aSFA= C:\Windows\tasks\5a51060d-5d72-4ec2-b062-28ff8ada1ca1-11.job - C:\Program Files (x86)\TheGoPhoto.it V10\5a51060d-5d72-4ec2-b062-28ff8ada1ca1-11.exe /rawdata=VBy5Or3r1f/SznQerZHOLz8HN89fKvbG64GwIqg/RJTyIyBaokwkW3YSRf2D26tedVZKNzTU1cynFR23S44Uf4Nuc1yBAzUt9dDyVfC7iNU0TlE9cPtn/3BRo9prMpemgSxuebZUM3JiVCIhFef5qeJmfdOVNHmBWKCiQJPqKe1Ee9Xd2g19S5a6cAJd/JC4XJEfLBrhWTODQrjD6fdLCGW6E1im6jPgdGzSb3R9HB1NlwKMD3sMtJohd2Sgip1yK9nSLUkSE6Yj9o4NZUmsPg202R8D1PLaQ7uB6yXIiq2I3CwJ2mWMnxbRQxnP15aVkRwXUId+PB+NpEMVSnwrpTpgbRSkiBO/Q9ukH2woMRLI9/jME8pTEoKgv5OpPjxzdx9muH9S4FyvA/JZd/bkY+SQ6LgGHmsIr7HZaBlmmZy6ZxTfDzyzAKAm3XQ2T71cZe6UVgf+zjlG6D9IStJRyAZQovnT3lmM/Z4smqUPvWRsp57dk4uAYHREX6GcwzC+VqROYWxlxT9t4KEcVh4cTsTKJJTRyCxvEgWtziwJezPzRK5rKztczcVgOr8jj8Yqmyty932cCy5uyqM/9N9zV5Q0ThX8FJXcYOaxL8F2oh40chpUTq0y9eVnh6r5hL9XrmxaYCECCmhSRuJSuk3pWzyxyQ3Q6wcVtlpudPja0iJqAQWYJfihewAghGFKD7FiK7ae8EQlVmM+Vn7nD8awSCYIDGb7bxVRO4n8XsNj3wQ2DI9FIS8l1iNawU8FMa+mI7QSHY+8mpBNcKOfA77RKUFbksZr03qj8+t5be8TfNeDgz2vS87H778HJXcofJ/MMHCrES+z2J2dtc7dxRjar7Ow2FJgdBiHmt7rKiuyUDqq0tAfAMhU13FSVRf7HnF5iRJSi2KaNzfpQ3Hps00C5oFrK3TkKFwTDDJIFko6GqPw9rdhU7Gr9iP7OmBuolbfKSOjywObls49Z70rULep+ttVbcd04uM4tC8hH/8gLXVaXt8JS/aTqVxKlwH2g81rSS2y/AbTWC+skcXGLbaBSAKbR/zxr4PQDhmiglunPjNwL+nhXCB28BQbrHnwvN72ob20reQk5RDZ5sx/Wix7L5k/m8W0VX4Pr+DK71bBCgerdgKB12tOrFxAcd93E+4Nej30mFRPknnim66Gtboe/xzBNfY3Scc7nzW4IEVpvJEni1YtWGwsCDlU6Sgg5jKBHNjgyoRNiPoE4Df6aAB9f/rqXqWx4C31v5JWmsvMbAEp5zqQpZ8+6EddLzCwl9ufRJHPxgW/QARxhPfKxLxTLifHXbqteAUKuyfE0yyFapxLhgO6NxzGBEwGzz+iwo73C1GNRbF0myY91GHCqIwsGR4kwBB/ZW6LOZ8NK9RlW/UxoLegaw4aMzYgJY14tT8RdUy0+pHCVdQTCTY2fNU2HbaisTNxHOb/RJf7tZoor2SAzTx+EwOKGV5yqFEy6ZNolhUtni2ThAOrDIRVi2JOeh2mZxbOpYLWlZgluiDwlYvMy0baFM6PHYFEsUmKTYMNVytbybsfdlhF/gKW7SbHonIbsz/VYSPRX7xqeprzud1N7IoyPiygwA20nmcsS2Lh2m6FjCMEYeANnG3EA5Vrn9IcxB8uAmYuI6vr36nOsqdiD6FKP7GlRfdKHGOT5pkaF/r8dJKFkl/trnseHDW9lR6k10VLuHD/O+raV62252EMHz4T0lNwPcN+l1MoWa5VLpMcscsiR1iq/M53crTkpnlWDacn8hmMOEVumm+yBsSICPhG9NcV2RDeaqHrZmC0Cera5P0DMH1fGCltwD10eHBLQirgjm0fYULSVPkbbnFh1klZrQcXwBulybIH6s5/vltG8TGq11bk6B7n7HYde0GtKd1BzW96g+qPAr8ac47MG5WGi5+inNb+7NeGAy34jZzhMbeKxjFWtfe1Ts1xEAsesQ3m0hh/tyLk8EwQ+KQgad2JN8RE/0TRaomKym+5ruPNthq/jnEiZCjtz45+BOFCEOyS4N46h+dfjBO2oWi9DuCoQK6EDygEqGXVCUJ9 C:\Windows\tasks\5a51060d-5d72-4ec2-b062-28ff8ada1ca1-2.job - C:\Program Files (x86)\TheGoPhoto.it V10\5a51060d-5d72-4ec2-b062-28ff8ada1ca1-2.exe /rawdata=lyHo8mEFBxvRRpMyfuu33yYwYHzGo91mR6+5nOfgsoIRywbfyULzFxrXGPoElQOuJb9yRmAXhtaf64THWthx6icG6h+7b3sK2H2mS5z7XrIO+DE2L1qivcAqA4apZC9DqpNgTRLfPLxM1E7w99He53YYp9KnJ0pnB1WZFVHweB8kn2yFRgE7hIfiZNGF3WQetiwe/NI+fTqVWJ6MWhUussCFdiph/Yus7QyilVxtnkw4157Y0lGoJXRP7D4dyx/3baLrtqV3ef5l3H7JzNB5vThhuZI1iY1hnpXR6vBBuMN6nvcxw9lP1cOeaZKpv/8TrVhA80GWOE0EC4xvPRP7v0MhShJ6cxxquJVblieYe44kmyJvXUFl7xxvlKzdcs2tIwinMCdVa3auQFT9jJV5KuijBE+qEOczIYBS8Is2MMgvnIvahGSh7/TRmwXVWd3Dom3qdt/eA68qSQcjXPdT9AUeWTOO4NzYVCMHUUR7DMc79D0A7fw/Z8Dc0cmjFBAWqxeYoZkwUcPcUxdPbZc0gcTqKiHKM8gBNnnNNd1jlZVD80Q4OzWIiLHxYIGICoa49VMHDf0cqUiOAdc3qcZ/+FrAOLJMcBhpLjXWvA1bkH+tfqZ73d92XYCsk285w+mY5QP/RnFWSY39urNpVyQgTzrAB3IgSAbFoERzmYDkgFYR4AW3TMUc1j/ppyW0r/E0e/2VET3twxT2yJ7vZQMb4FjkHSxAS6gj07/4tByf/DIZ/Fh8P7BlpgqHEHHcLtLhs1CckN9rw30LTzAiaqzJ1GReclAA2tn+wufGmBmcck4QJfOodN8HrsOINEXNrt8tMMx7GJto1d1PBpUl7lX3Hg== C:\Windows\tasks\5a51060d-5d72-4ec2-b062-28ff8ada1ca1-3.job - C:\Program Files (x86)\TheGoPhoto.it V10\5a51060d-5d72-4ec2-b062-28ff8ada1ca1-3.exe /rawdata=w5+/hfzPV64rTEwZFjyXMUZEcFWVsFutW7G83pzL6D/Xl00kOl1d7p7Wk9MAIlnXQcde/4ZOswWGewRgXsJm5CqX50cuSeMwYESkLmX0DTzFpAwErjY2eWqw3iBUHVXq4q8U4KazNzy5gDHs0/81ZeTdPGzxJ6cpuoNfIVNNXJ5uAdciwznX2yftiQxnminNQTKczY+7YC4D8Y3ui6+vSjslGDwi52FucoWDk3GfhyWfs4oQcleUHooCiLofKUyAPYJ8pe84qF1i9J6U2oH5VWEBrbX/TXv7vxf7hLTjBRBo0OAMbb4BNidYH2JMmJassB5mfW2D+kkUaQ7tGLaVUEyu8ODNYYUZLJaLfpOgZOVs8DEnTr3cthruv+vVhlrrLHukkNZGLNVi1DEeQ0mt3vKUt7DLIgQ/HPm3gFfB4S6ggexu6b4wHKa/QK6GAuO/xVyJNULH8HrRMLaU+jJ8Zml8+NITdnzmkjtb/XV0P7wtIMKmss2cN8rohq8IkNwnvLA67q2kN6hYmaIJtyLmKUCwjhMazOItqWaS23TT6uvQwtFjjNE5lxo8g8waKhtXRlqrV4b+5Sym5vun6SYBS5iKNj+fB0XD7ST4VbgOQ9EEIxoupvyTexZkwtFgNxTgXUY8RxIKHjGx/ETo2jQhdK36xRLOna7m/mDMixvtlfmcUKMXHwR1YSPKNvCqbyPNF/A/WGOh70LSsyVHB3kod0b/muJCSQUZewXoCQSHiyI8zA4aoy4YMW0nVlHkGJT9TSStOvXYFjer37pJ4lC5zL8/ZdONoCNcQHM7Nj+Q3AvGm0QOdowoEe82FdV5TQ3sE07VqT4goqtNcY3FFANedZum43hpob05RoYFvKSi/31/UGFC9pg4U7bhHxHRKlMKoUs5StCzu7W7Yj2fkcdZNc1yODRdMloFVYQ5ajGgOQQJnpC28V8NYxS8qqswRUxHZlk2bQY68g01gB1jof59g3q2ttdpoLKI9KI8LoqUnNG52YNkcg9gpmLmKxFbVc7eYMX+14Nx1dvCY9aaZ1KGgvHeBzH5GkB+QTxUFp2Z44a1JP25AjMhwEP3Gpc4twc0OEFiI5npWQFQStlAo08VZyGJgKtwA30KzhLQSMmSg3vuT+xbT8aR+v22OAyeTccd2YVgY3YbEX00++PU3x3l5kOwsAG/gtWmJjX3peC/x/Ib+siA06yZpiQBx9DMPHcTBkYXXP+cZShzOj5/2xX0QAJSkLXAo9jxzAppP+nmD4eyshp5WXjNwejtEZH2URyrFnAo0hc/JE0w30QzJDBAEYRFHc6UqZg+pRRpojvNmpe7l+UT0WCWwqt9XahW4hYsjmZsNvnnfgy+SXINdnUFlw== C:\Windows\tasks\5a51060d-5d72-4ec2-b062-28ff8ada1ca1-4.job - C:\Program Files (x86)\TheGoPhoto.it V10\5a51060d-5d72-4ec2-b062-28ff8ada1ca1-4.exe /rawdata=ELGysaCc9oQqHo8ROg4rop8nd8eooU/1URiFUeNTe0p6y8IA5Sdf9ofq/94iwVvCOKZiCPBsiX6fOTM7quLg4pszK0bK/7ZUbCWApByPJmaiWRDALDFrIIg6kxnb7RjHMPearFZjaLoBc1E04usb2+xFey21Q+o57A9MO0EFWv/ER4BSrzmOFPWyJavQKio1Nw4He3DKkAS0JTJ/QD1LxN5i/cZA93Y7UQZ1A9ULB1UkJxQdbqsBaKhilJBgnWHhJngvCWBfoSK3qml9GrbZcYFUZpcxA2R+lJTsbm4iWfkf9wyPVh4MGpWyuuGfM6si9wwkbhHxGg+6fR7eaGBgdUubD4HItgaDmOlHEJHYAgz/8+3fnIvKSvg/a6EDj5NY3bgFo1s0DXH1vW1xo530PW6vK8b/iGqTf4ao3Io3I+x95gvT1HROwUJ96rlUfLYsyst+SZexTSQKmySJgLMe2y1jEudNBHYJH4DBQ2K5VRGE/68dmXdi4shZHJ0AnNEtO8RP5Vel54DUQ5Nbxn+dMVZI1dSY6cUFLhha1n1xRC/FVv5i7QgYgPbQfOOPZjtAwmz5UPgVMqJMb2rdrsOCWEC1L4qKdnBBjUUtHMhhaRhocFpxO4O4l+cVrvMbBmvWERIwLgsT29LQdImg2GyfvIW6k6QdyA5Y7bAU5UkS+TZOLiuHfkMg9AgHmSirH/xcba8viRlJ1qvdYS7P+9adCAmkkHWicMG8VbQCGh5iLDQTl+1QHoSNSeBcCv7thDbgHflCmajFnp0NM+ekV9Pxm+bUb6YSrq3M71q++h2y+esVn78VN/FVuD8pAfQJTLifZiQ/CwxS3g1vawzWfirrOCkgndvkvEgwZ92q5FOBvhAo255sLqksW3f6Uv0FA/LKRpw+v3O+HBDRi+BGRZZfBREVUyLEDohDJ6u1A2nk3B1gCtVJXWeQ2oLifk0YSTf0yIA7TDBUCM6aAtJQ6K2OJQzxpNlJe/NroJo8nFF6UIRbC/NsNCCuoy1+fjicpyD8a8gKbPBO7VF+FCtdrH6psJcJesR5+Qnpv2oofeq36f/V2HtbPG1/JJ5VlTfxTgP0Mlvpybb4F9Fw4NXDETYOq5XsuG5zHfSPbGMIZJHnS/eFJHg6bW3LgS0tinYRPCTSfRgZufxevaNiLSugVgriVcE5S7A4FO4M6CWzBLq0FtSYF7q4io/Y/twidsTAFFYmz3wvB03nohdZeFJWyZUIEjKGjAub5hGG//GgJX7Id8iUdeMME5IRoCDnuzct4d8vyK2osQcYCm0NWUPFeTDQmn1f8xgbvRd4Umwa/SXTmjxqMp3dNZpCAPEP7xjNWtJoLVqUB8hivLwSAGlZwfz+xksrjve/j8Q4DDLj1rZctVkG5rDi424EF9lepChP/0OOG0dxzCoIXE4mYNrBfaCPDHMQ1VTb9FwjSW9Wa9+lu8OwqlkBF9pRXDgcOHgDz8n0yb7JdHLgJwZrJEQs2f8c4ZhHa3SHNtQY+GzgPwlsE0borDhFNZOUgX5RiklN9V69t5AEfY/tC68QMbQpNCR9vCjF2goxdLIGtXa1kIlSEz1isIrKdKLYJ2h4Hc3t39mbveJCFLBzMvE1rJS7jjc4hZdsd9vcXiwOzUVL5dA05445UWtCS7DPVYoOi2N5oPOlTj+Eqzfa2xJm0+njOcOnTcUXTtXE3lW7kvockfBk7xM= C:\Windows\tasks\5a51060d-5d72-4ec2-b062-28ff8ada1ca1-5.job - C:\Program Files (x86)\TheGoPhoto.it V10\5a51060d-5d72-4ec2-b062-28ff8ada1ca1-5.exe /rawdata=XEdyVsgTMzWCZ4brDYlHqhKIevzNkWNy8rprt5hyxznJ1O+Af27PCFtGIsCA0o5Majz+R2sg7CAZ2o8WtSZPQ4lAnAvKfYw8aYejFahJeuorFJMI4crRJWrouIMMWKiE7YhwyXvID/fXIkwoR5lMIN00osWjoF7pqR2hSaqDbNBO3KaVkfwqPzqhmJ+diFD2Z074qFBxXLKw3Mha1PNoPKqNt6k/UD5HnjS1mT5UOqWzmk/bRHQ0FLE9zJg4Vyos5g7VgL9CHG2V7Wml9/dMxhUbob4R3FcGlpxi+4VJUnniJnUBw5MVL2Ly9X6vwq6bOG3vpeD8QEbNVrYFOp8B0BL5yJOB5ZX1qI4TPStW/Vesx2a051f6LO1AtkVMC6a/QXTpsuItFld6zTumrSGYy50/Odza2sB++HYbd7tgBICYcpmo0YjObQihZ9tTZ9oUbggqdYrZuChKG79o0SjCInB2hsrccgziuQ0L7+5Fa2kcJDpa8kv28VkTDKFVnyWVIdLseyjxI3VOdyGvKFYD1qkIPdql7jpCMus2mWb88Jh/5SPsxQ+EvMXF29/cI0dRR+a1EDQeVUREYrdWXhNTNumwd1aMTB1MaMNtLspGb69oyQn6+vmum5zHk7lRpxUqPbu0vhNwQY+SwK+ifmEwPvEcTpBUecptdX3ZDmfAP8pbOp939Ncdt3dbRVvd+Qwbj9wXfIVl+Gp1b6RAl25xsHaoRrd/3EvnnMAjQoIQ3KSAFdSIYTmxNFjTK/tuKadzvyoKrm/pUFGSxrp4LizM0i3Q4UyArYrw6lAbmsP4VXcuCfQW3r0ch4oUGt/80KuPSk0pZAv7zj0mlowZA+a5lYSqoC9Bq6ylSdiATjPITXnCr5wMZnniPN6IPrERUCu8sBNeyxw4MKmUp5mWv/8tWK5ZW7PPM2brxKtmf4899krbqIOuLEgfWoDBg+k9rN5kIw3GAExatfMiGDvS7cPnqqjzsMwm6DovM83ss+LXcIMBjcptyysN1MLtbe7hZ94g C:\Windows\tasks\5a51060d-5d72-4ec2-b062-28ff8ada1ca1-5_user.job - C:\Program Files (x86)\TheGoPhoto.it V10\5a51060d-5d72-4ec2-b062-28ff8ada1ca1-5.exe /rawdata=XEdyVsgTMzWCZ4brDYlHqhKIevzNkWNy8rprt5hyxznJ1O+Af27PCFtGIsCA0o5Majz+R2sg7CAZ2o8WtSZPQ4lAnAvKfYw8aYejFahJeuorFJMI4crRJWrouIMMWKiE7YhwyXvID/fXIkwoR5lMIN00osWjoF7pqR2hSaqDbNBO3KaVkfwqPzqhmJ+diFD2Z074qFBxXLKw3Mha1PNoPKqNt6k/UD5HnjS1mT5UOqWzmk/bRHQ0FLE9zJg4Vyos5g7VgL9CHG2V7Wml9/dMxhUbob4R3FcGlpxi+4VJUnniJnUBw5MVL2Ly9X6vwq6bOG3vpeD8QEbNVrYFOp8B0BL5yJOB5ZX1qI4TPStW/Vesx2a051f6LO1AtkVMC6a/QXTpsuItFld6zTumrSGYy50/Odza2sB++HYbd7tgBICYcpmo0YjObQihZ9tTZ9oUbggqdYrZuChKG79o0SjCInB2hsrccgziuQ0L7+5Fa2kcJDpa8kv28VkTDKFVnyWVIdLseyjxI3VOdyGvKFYD1qkIPdql7jpCMus2mWb88Jh/5SPsxQ+EvMXF29/cI0dRR+a1EDQeVUREYrdWXhNTNumwd1aMTB1MaMNtLspGb69oyQn6+vmum5zHk7lRpxUqPbu0vhNwQY+SwK+ifmEwPvEcTpBUecptdX3ZDmfAP8pbOp939Ncdt3dbRVvd+Qwbj9wXfIVl+Gp1b6RAl25xsHaoRrd/3EvnnMAjQoIQ3KSAFdSIYTmxNFjTK/tuKadzvyoKrm/pUFGSxrp4LizM0i3Q4UyArYrw6lAbmsP4VXcuCfQW3r0ch4oUGt/80KuPSk0pZAv7zj0mlowZA+a5lT2240Yz3MGf2/YZqP65AAIIConhxmMu4CNvZfosa2mdJOb6S3KOB7Pmg9NxH9+mbLfW1zQS3UxBac5h9subGD3/SSgIel0T5yilZsUvdJHmshrq5ihEqDwK2NkiucA0kT0SmPDtx10NBh2ZexRcxusbzyUZfBAXEqkuZ4eQ2uAB C:\Windows\tasks\5a51060d-5d72-4ec2-b062-28ff8ada1ca1-6.job - C:\Program Files (x86)\TheGoPhoto.it V10\5a51060d-5d72-4ec2-b062-28ff8ada1ca1-6.exe /rawdata=px5D5l/sBphHmfb+dViIEZS0kCwVpAy5/5i9Z5xscvQGZNgp7W93w6Y3QPFM6p42DOnNHvh2BfwJ4V83zMDJ4a7VJHRzWLqgLAMet44S+MFpWfHU5nsCqeZ0C5PKh+WUjeaOIq56vJ1tBWopj2PztSWGanX5ufGTE9Cf3hpUDm2mpcXZOGH0121QkCXy+TbZ3YNUTsdj5/U1FUcEuJ1WQkuDGTS6koaYCAq0kgm2tuciZtzxVmqvtMAIrwCg+CIPDmbPl+bjkqUkAcMnKqQ+34ddQmK1DROSk6W+GAs63hbzbOeTs6M/0zfEN7x81Rbow4NvNGLqUYJmn51+41/kia0rqnfgGZVlCFroArCDGwa4dyhl1r+kD5E/b4PHI8kM/uZpWypCoUS9pF/mhpMCCUrDiTYleEk5RXPWusMR3KH91uhxq5qYCWNsfEpSba+LbHuIDJld1mmaYRqSwPA30YdFT0h7kilVY1fLFI/yp3BSsWuTkiW5tXbxs8VxpUhLgliOoGX4mt+4fBJYqimY1uoTi4kfb12ahe7PjGWYZGik/6r3RuNerQpO75JsXl9PS8EAhuufNZMU1PzPZcfK88FNnKJB77ZK2ZFFGQ+NKUfqratvcnCxXWNhMbNlBJhmbc23W1UoAx4/BTgnbbPPHMLG4OqbWZYrJeaA29+BdwKf/WJGkulnokRC9UK5QB6CWVP4l4nSire+nCEZy/VUWD9RJPsYQXpyR8GKX7B5tuf2gyU4uTGHzLDukUGpLAuh/lqo2NfhhP4LNPClXXmcPkT4ilGxaSeytOxDtyn/fwzKbOY/8naO61fZAvqjh4805KgRytH2ZENNeoxjhoNsAk5qbLggIhaDjxZnCE5PEeVXdji68W/110wHxCRXhuR7U4L/5RLu6I6L96eHhLgWYdkcDBp5Hg/IMi+0bYAmd7H0H+hQq+oSKdzyvmX4bszHkorNf+/0+Ja5udK3A+FNZ/r4uAYKpzcag04NIb2YGaRXUwJ/OmUz7F4aBYGO5tWxdh9oikJyNoh8NE7EDMML2/UxfWP4vMaC85J3EQTce+Et/JJfx5RiUXdum7NfVbYAFiVcpFovCCIDqf3uHiOc5Q1LJsHnIExndWwriEBXDHfdDKd96WzW2zwPAtBy0tXBNZ0BhxgndCnx3QN/DLlbZtpVFSwJGydpTuXlneQCyggr1fcKbqi8PhCjI9sCEtL2EeqFn63UhNWYGImiCHYAfdKy6sVNIxdXZpohLSrCFszT2aTrhFCfntay1lSjk+SkAYUarO6l79dveiY/qP9qiysavGaXa4aKDdV3rcDU+sg3yQtRRZuK+MgE8pavnWt2H8ocDu9hbAoyOgF7Dq4/qiREdLeqjJHQ98I7MYUDKOB99LWgVeNWPaHVawsO8dcmfkZ8fkSgNIVxDIaxp/KjV3PuDfK+f17utqp929hEuablp8BcRdO65hfPDSgN5l8qVP1tt/xWYMRDs/Db0u1igfaD+LRgAJj9wMq+luk340La4qKo4QLTuIc00+V0KTpn C:\Windows\tasks\5a51060d-5d72-4ec2-b062-28ff8ada1ca1-7.job - C:\Program Files (x86)\TheGoPhoto.it V10\5a51060d-5d72-4ec2-b062-28ff8ada1ca1-7.exe /rawdata=MJv51xWYMMRBNjJygplcJcMmtkeTuUCT/qN/yAQ0j/uA77DDZSPAhsaXcj77bcZuoBxG4kdF/5l50+idAwWdUWW7lhNn4FjcqJRYVnOOdArU8fVHLDDzP/d+nQgOugH9HV3qFfZpf96gdwWtaqq5eAMlozF+8uZKJmbM7GmeovK9OulUykccKtuOCxZPGl2hIKLvy5If8SbAyIqlKrsoHWACRFElkLu91ZUJcTSEJfnHzTilgOtH627IBeKyME5Zw2bRAnMtdh3/xgEon0M6ZPvMY2m53G6XuBEX9T2gbxLUKQN5VcmRaOchgUlf5wpVErdBoxjjO69wrNURrIkZvcUPQxkSBIATuWqdNrU34wS0QRpubgW/FxaJ//d2UAuPqY/+ASuiYdKQr+8pZSlXMRBIDvTApFTK2DvhRPPf1qCTTrAdgrpLBomFKtGa0jXV/iSvF7wxPBB2B2I64uBaIuym6yhITDYUMXLYac35Fr/ONzrkfmD7GNdDS/ISrIzlbm0PjIETOrcZ4Rcfnxy8MCt/XMv7ke93Hr19R3HTme0vZ/QY1xN0rMRoUvisw1BzHq6wyhjEk/++3DqYV1c5o3EDYd78mT7LyZTO00Je9cn02gueKE8E9QCAFDPX38zZ5IYlFlTWiktcP9fXSpRl7IZfpN734ik8k3Kfh0udSRI9yv3QPDN2bBpnlvnekqPq7/jyIVM/jHLvv1npZr0H/tmGadUE4Vh2v0N/clqA8u2iv5trY+EadCdNoWDPwp3G2CuasjQecAtOiY3zyc7p2ZQrGEqWd7VfVGmIUd4Ih6whu3F2kD5HO0HoJEccvh7pLttIVCUXxiySJTHrR+P8REMC5J4POUviZfJm36JnCNuStNgRTopobTof44dbL95ywlkL79t9P8YzFBmiF3zQQxajrgSR5eAESDOy10dMYmuO6c2X1n7kkx551aSDgZLjNCMiGYAf5Pr+vDdVLH1kG1mQDP632jBf/oHdyy+KeHaC/MYRIffYcDQqGo4EM6BpPWttMvWlx7XxZTlqhs3/32g6gD2FzWAfUQQggrdRd1rIMZsSSt+07zXEBwnNak7tZhxePJRJA5f4hOcN7cey3oFslyvk2Q7EzJ+PMxd/hzc1q6F3IPeKWJmyvZZWSnEjXvoBnZyYM/JdgDlHwg+LkoaIQGqBAoKzK/HdIFhatAdoxG9zhynuibdsc2DV78Kc0btpKK909I63xEokclP7NLCsacLylt5myZ1iBfShwBPUSdEpceN1OFxfJf2xpM8ch7XMnWMhrkZi17PldIvSqey268vqWVgVC4ES8MHXHlDtaX+sj0E+eQgmfydAPFxQGWnPsmszCfsFGDLK9N5mHA== C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job - C:\Windows\TEMP\{091E3B25-29F1-4D0F-A8BC-2A7E4CF0F899}.exe --uninstall=1 C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job - C:\Windows\TEMP\{FF347B2B-5874-4233-9245-9DAB4514CEC5}.exe --uninstall=1 C:\Windows\tasks\b09351af-629b-405f-86d7-2f3223828534-1.job - C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-codedownloader.exe /rawdata=FxmPDje0atTBXJRtSktnSq24RtLy3++pfOwUm0m0nCnFFGOBfsuls/3ip/CCQJNzad5bY4ijR+72wksBNaQK8JbY3BYWsjpadc95Z5sPV0c83o/rmyLZOkTN/w9+rpNcLsBHZ8yuvbxnl36c/Utcbm8YNLjfPWBsDbNObyDa9aRMzFnkmIQEXgl8x+wLJOD01SZTFKkuF6vkM0qU4//EFxuuAahG/MHNKSkoNlHTigBL5NUUe0em3KDazuWII9lY8C8sTsCz62EIWe3D+Y6RKLOt3G7J0YbReRXQQm/+ohrXjxLG/diivf0H7cgXEd/fQhUSX76vXAKlufFRPH0pW5H/tz/J7B9qfnRBpwkKcSQOrELA25s91INF9s0IU/znmuIecIhuVWGB0NWiI6+uMZ2Mly2RmC32JkWY18cPmcuVOPzkLpSc2V4l+7AzabVpCz6RjrsaUzjSfRkKm0rM2D0uMxWaFA+Key/s/DWPeHm3b8yUkmHji6fNKQ1QugFJCXpMBNWhsiZjWBryoUcgkA+YLHvaT1znFRN2naEIdGkfRADq2ecFVIxH171DwtWf1ySeHYP0bqlfe2RwRSWd2xMvtI36E0MN2fLqI6CkTbP7/qEVCL7uCBx0pcufAejs6kGMdK94A9+0CL6OZf+s8Jzh05yEiRH9wdfU2qpOXj0qh6t+wrIzkEJNnPR8z0Eh+YKFBOOsoNIKC4o1UOSd+W0VAbV4ZvU2MkVcTNZMy5UW7s72RNVys/LTTLuNA5zIPPX2exJl5gbVlvlIXhem4N9+w3+VGRcSJDdDk3kscF9nhBQfQhSZEjT5wzLQUZX9jo9nXsPElLNtYhU3n2TP5gbLyswiUKc81bNYV4E/Yj+74AQz9/ywGqiNQ0oBLHd+y4fr2iXqMl7X00s7nYGio4qtg09z1NOmWWjEfpgHXYlWBAqwBqUkwUPmXZEtZpKp51JiA0RCX0CnAqcxrlzKSXFxXUPxuZ8sYxRJbKU1wcr/tuGNJy1YIDR2cOc+qrDBF+2e/fi+VelO394F72SdUUlEaZswCfSWx8or5DMrnAHsUWme06HZk57SPGOHFjenhq25PPV47q/cjss5+AHEfWfdi1skQuSHTIZkE2qv0wpe3xPQRxLHvLxXLzuPD2V/eiPLAf52oLxFDBJ5P0demKaHkVZdq11tkKLCyp8sEPA= C:\Windows\tasks\b09351af-629b-405f-86d7-2f3223828534-11.job - C:\Program Files (x86)\TheTorntv V10\b09351af-629b-405f-86d7-2f3223828534-11.exe /rawdata=NZ3y/0KEwsp9P2DlFxGgSLgNc4Iq/YMxfrf6A/OjgHJ3J9YDQqrlFvESvepsmPy5FEtavzxmJJndwHPogXb61cdAwnnnotawitYQObqNaH6Syrkwlu2sYsCz2T91U16ZEXozHVCmquP0Z7Byy+XkRousn3z/0A8aIKoaeOjGSPkt1nB1jLmZEWe0bkbM2JUEEYmhTkz+PvAiyvW9vayLR7sfT2RLoJ26zG7JG40bL6Jo7jZQ0B826h7Hba891dGMvzvuzyj35cldKQYA1UnbY9f6SRVKH2Fu1iGmMUHKemZ6ITpGSGDSGTE+KQzGcZ+uFtKoFfR96IRe1O//2IF/7H5PzEvj0JwU5wfb4l22E5HcbsFBL4HhAWzmDfOAbI1R7e0jYwP+28g5Me8CKZFY+cxJfNZvyfbsNzkg4siW+2vB3nZG/ZWmbauAA9erAMiEVN9NT4PWKaoh2VravnryjnuA816zJBlhvTG1iAamf0724gbPRnG4ZWLx7tX3t89PI3LLv6SgmokmQW8xy1nWMNJq1CS3e2mMDdpjvG6aEH7rquZRl43NWLUAQkSMBzZwxsBYMKPSFZXIg05++DUaFbVW4OwJqzzx2mfs+DziNyN/hDIrBxpJcIgVJd4gYk/iFH1+HDx5iZ8mbLr36k+cbWAofwPIh9+vEmqpnqeMDocMY52gymBPgrw7hVYiNONhqgQboAi4u64XASydlNyuB0XgQBIuFh+Y9L+RmGA51t6sPiCAwfjfJcZEL08ZNyzbrdxNC82ZF/jEuC7mAHduzSBR1dB4GYbF0j2LJh3IsNtjsabMNw5YLRMfP1zBrdEbenY0fJUl6cTXHx2UhSFSo5rrFfv7dJFgqFEBAv6jUURgcCfkIB4NZvsnun/Yo7qOrFqViO1qSXAe1TwMVhGxNxHFR2SvD9JomISRAvEsXYIVwL75KBJkwbmOygelD8XclCz0uupKqM8kGbJQruNewdcOkuHml979qUMutSY9FGUNJC8Z/vAnCC8PDrUUizv4CEAOx7TdeTCMMyh0l839IkIQjO1Rnkpy0XR5KqjC/KgI/HSRwPpKnshFBjnFDsVgA4HXIzJlbTBJLjOANwybmKfJ6vCBRBvTsJMtGJBgcutE1VDfPVfalWdeEP0aILo1mWliHUhDQY8Ibd3buFOcMk8mIDye9YC6fU00p/qiCa0ybzMqS9xe2PjKdQkFx1WgUI/M2pwKre6eMv+uTHevgeoRtyYyeNyooGyCEA7oOy+biQjOVI4HrL9AoEmeEg2XCIN1P2n/OYMCXYxbyYw9Kdilp6JJKOoB91/yI/MT7Vryi6QlwcfEhzEPO5JiPHAk6LLqr8SXn+trjUwBjXJbko2U6Uj45us8Ar8wQl5/ZJVqI8Vjer+P46notrPuOFeF28mwzbpSrR7SQ0vNEKA8EEGsJSRN4F0QUcz208rBraZGPXinFnAMhFv9muz8UyyLi8Wmxk3/JuqjIMjEffBYhYm5Zh/14AhLlP2bXhEiflD/gUV6+6VpLZV7orSxeBbJTzLUPCrh4xoGq7Ipgj/j3tUM7EGra7CipFvdsufEdQVXz5KYlks3jS7P5xLuDYJeHtOg590ujnNEC/0O6lbE8tSAyyKhUMPmR7RcgO++zVkOHBQN7fxJkXSfVM0f5zt1+7ScildGYgnFaH56FApZ27G/OthrGiJLps2EWEcz+Da+RCJL3KjXdvSHN3lTk2Ibi7RL58TrxlZBVndV0HzCBSKq3QUZkCfrQDDiKFf8kImNuK92qNoOOEB2fditypFmbaRUSZ7ME6+B+E/KwHeDc5YQv4Ae95XxmRbTALkSqeQgL/wMpR6tSESQ22Bu+dSwVNSlqwPYggMKJBl8K90D07/SZ+ThUdesMAQjDh2sSQDV8tMJSdJnt8DEw5NpGuPBZ52yASvcSoS2ATJsbz1gjxT+QmjLn/kYJTS5bNrW8QvfLubk6JsnuyJbfUT9QfKpvz3OvkLXqTn7MK/dMDg/xZC2M+d296Lx7Bcx8AbFww1c8ykSySLLfaMoUQnWC7DJ C:\Windows\tasks\b09351af-629b-405f-86d7-2f3223828534-2.job - C:\Program Files (x86)\TheTorntv V10\b09351af-629b-405f-86d7-2f3223828534-2.exe /rawdata=B7hT+ymRMR3ITk1DhPJoToAnpQsvXGp00d6p2qJSMsFSgVPYzzmzTbrAKFuOB6fV0y1PXz6tjNDtXR1bFwmXx6O0FN7PX3cNrQwRVuJSW+ycM9HAiytmEffBMq1b1XL3b4MnaPO8HqNUfmpbBttUfkIJNfH+iODKWkyTcwpBGjVsy1i/420om/qN0PD7fM1RtzrklGvAQTVCVi94RvVbq106X2Vd7KNmRJHqxzzSvrOgpeiQyRo6ij1Cej+9pyBSIMkL6hzpZokDKHZeK09uID2gmjldEHkJpi3uT+0oYjxzsKSXMPRAJKlW9yD5qCOxGPJBpeBgY92CUXs3+EOYyaroDgDCcpfPN8XQF5dxf8WB7uForWpbBwhkxlh67aVI546ZwxfkLiomyQR4CVxnP2YS5V9zAYZqZXSlfxqbqyUkA0AD369ZqKL30BAniaO0e6pmsMX88EbsP7sM43cmG4wcD77iQ/yqnUN5Op+ChMczhtdJI7tcnKtrmVLK/9QxlNLychMWzJi4JvWaOJ7rKlzSjBL/kTpYBa5Zn7lKnM3qRBNmPTLI2bsMtD889a6xKTXgtkHZ/ZGKzUwLSizr+Ux6uqbaXamy4X5woBvofSVCv1SZFBSZS9oe+g6Yye94TPz8ovE/1CqSblTY/opk4eHIithzbbmeP5E5iT245tbFrw9Yp2mMs4dCQm9BJrUgDBGBVBNmuGAhKMk7kIQFdlTfO/2Rh1IDNnC5+vjk59povQy7DgOPqNhSWxGaitMqNxS9l7QfnmbIcuHvJ27ZiNtomeOZ1cZ+ogW5sBH92McyHfxeA9+sDgB04PzsR3sNzqx8LJeDlrRuMmbMxCSUJg== C:\Windows\tasks\b09351af-629b-405f-86d7-2f3223828534-3.job - C:\Program Files (x86)\TheTorntv V10\b09351af-629b-405f-86d7-2f3223828534-3.exe /rawdata=tvzdF3zccEN0iWsBhCXMX7TmSy6rvgGbiW3a4zFwGbX5kI7cmIYMf/xB6mz4zEDpUKrxqq/3uvgyKgQHmNWjBP934rZ0JmpZCs6MXD9E52eBG2mZBVGg7rtND6HdhsgUm0MQBdVwAVNSZTnJ+AG2II+VvzuxU3NWNGw6eYKjKZIAAXoniOVX+X4UX3XJII7/FxnZEECr4W4j39c5WkBf7keK0nKOWGA3zzAMxIqsFs2YNJE0D9mprHAPwQgJBkolidP6BGDjSb8Vl4wVo1BZg6OlT2mnG7a7H+BsSr823+5Et6wb6aI2ISWkn8sF070OCMDHo/bs0aA1vLQDZWrmnXJPDtIZkDdNHlXuJ6EDqaOzyc1n/flSRz16aS+uqpKwKrTiXroWF6RtSkNkJzDFIItQu1iBuCry4wc7EEysx8Y1w5s22ORs3G5ifxEqk6WV3liuLKJ12B30tjazElqco8EQW/ztnbY0MKc+g8Rx6iviY/inhEcsQyiXdNsKreN1Ar4ilqycvRhbt5P/r8qLRgeSDXqzjK3F1pFOccPiRbwY5ymXoH4BDy3U9PrTNZigP8MWGWxz+bc+eYNBmrBoCSuv73t7eZphYdEi5rKLyRi5vJ8Hl1+x4AGdR0hOhcjlY1p2NcjB/hwaX0JP0bEZrqdPZmcvbiYhibBgYNxQk9u2dxea2OgzNP33bctX+wib4YVOWAuBMfGL2i3b5EqZs2n0kWOo9LvKX6n1zs+PDDhhYDYyXcRaGygMI7KVdSfXc2ymFzdOAiz73OwYZRDcJMxMA6PYkYKKwsCy74fh79CCBtMtksIcSu3sXu0ypwwl05CfstMBtkRDxvsnoV9tdYCptfax5vMHGHC/fVIBq94VdK24afWqrEkZa/57VULGVol93YagTMkx0MsljRHCGE4d9eTVFVzJJqyX7GbRWtmbmeDAuHdyRX9ebDfdkhvrMxP6eZFDWSBUkJRxXsOHmqkimrUPDfSFiqI8aGrMVZ4dD/2KLFF6as9fEnI/ldwvebmcEjSqZ8CVdUS+c8GdszuW6aawlmhcHsC0ZtU1DhW9kvpLmIfl338WvUzb4dGH+NmuHBxFeYstlJq9ZrsR40EqQMBKvViKKexAxKXHUCcY67FumR4Sl8Hj8/bnO7gjDoyTrV8l5D04S/WDU/VZTPw7jpZ6++uMGOWsVdsH/pBpVkiHwo+tnKB66onHO5TorCTOAqpWh1eiUH9PR9c0wxDfPqkXh6BPeUlhfgo/b1+o1lfokYT54k0UCnlq1WKpU3a6ip5Uh0UBzQanNWJdEcjY3r90iXVHhJ4792KH32nSeijiYenL659dYHtWhs8iyjnlTzA2rfmTljwMoopoUQ== C:\Windows\tasks\b09351af-629b-405f-86d7-2f3223828534-4.job - C:\Program Files (x86)\TheTorntv V10\b09351af-629b-405f-86d7-2f3223828534-4.exe /rawdata=QtoO4AtN99trDdfdnlC/lbXzX+Z9IwDotQ2ETTncMyq6LXQrlUdkJYGcAPiEDlXnz/U/VM/Qp42kptoGmCMlODVoaH+Jne5SQjTVRgtl2xT+VP9R7Hcl8SqJ5w4Rgrz9Xlr+f/9V29hyV8cXSoF/LRgdYpbCHZ7wUlUGM+kRNcBjyyHC+WURXTaM2rHjWFtm0nHiv8HBrztdTVxkjxxw0d79cJnVUFjYoEKENXqeJOIr/U/eX0fxDVaKyaj7TG6w3M67TJplG21JdE0SR/39jgzz20z1+0ycoUutFXXydqOgyl0bOz0IOZ1XNq8WZ9Eqi3CN9OnIodjq2xFj7VLtIJyGtbmz3cWFZfIXT4Vu2d+YrDyrqHpX+xS8XiANbJXOu3sfjzJkqdWXiA4Gz+Wx/P0cxeS5gAoLdTPG9QNDy+l5pE3OzzSh1LeG+jlYiegwbNfeGMh22NihsbHbmj3u4aYaaHRs9VRC22IgLXDZRUi05/gkHbY2BtXYFJXIsWC6nlLm88lvKa7niwtJftidKjIs9b8/PJv4L17N4aJN+edgdb4Gw9n0iSVrikK9sb1hr8JsmF+XU6C7V4FwsYnfLYbZaQ9JFk2OYT4L4MlijFMadhYKEwiREvAIAHgIvzzcS8MoS19LFNIiAZxQg2PifyVnd7o/7eNdSddbPcMhqDA6Ea+IWGaodATDYhcVHLtP7lcVd+LLWkcgznpw8Qic+/gyzM1HkdYk163JSyBj5xtkgAkeOZVYt97Um4xOeszdHbNA95QDeGB19MBLYTl7MZDqCKL+KyjobogILZX+HCgtFLHaI75J/3mvftXD7nDPE45MHUaDkQ61qIfXb3L7yYvclW7XDNDYm7zb++ys/fw/yuSpmlnhiN8QgGzxBrEauVHO8dGwV1EVYAvE3YhGHkhQRQa378/k9PeRLP8vML3HE3072ufMM2WQS3HyTvwlrs+T4AsTM2Z/y+24BbumhXP5OkOQL3TH8hJT2CFeI/IoqxWMJY+vHh/3dDH8c1P9rPPovW6YDeb5llHDBFwnM5x5bvkrIn+KiBkH57ZlOPkZ7NZ1HxIT1HYITZSdlAYld9l9UbhnirMnjHmTqNE2p47M0PBmf/bM659U4Up3L16nUmAPdApZVLu9/duJe+rzlB6a5tenmsCnSkPn+txV0HTb8mZDsuIQ7VQiN4EKtohIAVi+ulDEwdksjMLZgMFTm/CtzzxWWxeHRdCNh2Fjk1d4SNitpy/6UE4L/CPOMMciYCG0a4tbarfDZOoYUlt23piTKb3MrlouT3RWRzW5ZLALjZ6QyGNZtIUmAYc/TZLueQClTOqfpxvmeasY2Hj7QoMoI2M+H6fGpEIecHrtz2QzorpoxXvl5q7IXX8Xu/j6zFzGXEdYt729J7E29Tlj3Yj31v3oGKWaCw6uYZ0D2By4715XUVp4B8u0UcE0GBOVzdKrTuKroHL2ePBYkRE5cZrTspur4xYjYL8ZV8+d1QGkYkraDuiussz+tG/fBEW0gz86bPkurnb/cXPF8EjXHFwnT3LuItNUQgxDiHxRm1cJghKNIfIonTC1lulYkd6RFfbX4NygBUCxx+musQjLv7iDvfFNvZTp5Pw9csaLPcUwfz3tNGJvX68SOMNLmTTiUCETFayR++Fc4bLYEzcV77yMOQS8ckG7ilQ5C84oylNet8LvdMP6sk9KsUbbHMJtGsubI+XXq2NU5jm8zHl2l0C15HgGrYzs1anEe5686nXJH7zeiVa4tGJM//Drhit0b8I87rxRVRJIMZzN3tjj8wzW5TY2vTd+b6CdvaYr6RPhEAaBwSTfgad8jAeQVTvn+jrtIDMza1TKWsDS61S9NqZ6/hVRXtDcO3nHp9MctQ== C:\Windows\tasks\b09351af-629b-405f-86d7-2f3223828534-5.job - C:\Program Files (x86)\TheTorntv V10\b09351af-629b-405f-86d7-2f3223828534-5.exe /rawdata=b+f6qMW9YJYfsf7PDGGI0Tc9Bmh0pzRSBwojqSEsYPX1UYef9bYTjJxJsqMD9vHGT9BvTqenw0V1ePKZIhqZlWUf1tQO35GWDzUicTxN8DWw+h21EmarKSyNdnAZOfDfjmqaEVZblBOrc/Tq/1iIRsrkRl6HbNPLCeCObbFR+goemUhmGdksNFcEASJy2JfBvLRhWSTwUCYiJ6oqnHSFXjI68KBrZjB/N+S2PLs9X3dhMZPOLse9EVjwIFimRR4Y2/nRDglPLW/Ad8heJBJMEHBe6uULxPlKVxaZyB0XuI87NDUUZ8WGMx8jZ3YTgAxY3EDe66h5/R+2Evpw8GiGh1bf2nQuC9x5zKIs/CEUpcqSb7iRafFJSmeSPgwyqCyqy/uF3oI2F/30MblNC+Jmb+aU0VUAJVwcW2glUIZjKFcRFJ5B5QYJOWCiBN9xEAgMGes/Gj7asJaVBO8J3gSEbE880v2YlNg4Xxnffh4/7qZEpZx3X1TOqmeRyFYDVAvxUQh1t1W+aQZ5FmCy1hdFlPN5kaQRGr/wgthx5mMIRLQnt2m8qbES1Hr56nNnbExw3jbz+BPH2WQ8F2Rntge3kjvHyqIBhZph6LpNQ8OIoG7sYNrzR02haC6NfpdkqH09bATh53QzQ9OjGXT9BYQhPOpZLb2IylC7/i/lIVBQzfsSm4dkWlulmGjLBCvqau8SDeLpXB3nxfXG8BX9sS/KZ0Z4pFRws/5B36mz24SuvmOo26XcesC4P0usxti9Nt/qDy41zWFDPm2+MjtGeIdYxaGaRekIJ5Uv3psIshnkolLx62jc83WOEETmpiR9VXOmianwMJ6uixdm3a125VojQ3E49dMvU5bvU+p/ECQvgps0u7QUKtmVTNfI1slpzev6uv+2yc1jukr+Nk7lS6v2UU74jndYVdE50dMUgiFWS3FDIQkwKMYi1gRtwZK9UyfuMzJPcZBtvtSuTyp0JNlEBPknEzvTKlz4EA4Y9A7ea59+6a6tELh116SWUkfjO631 C:\Windows\tasks\b09351af-629b-405f-86d7-2f3223828534-5_user.job - C:\Program Files (x86)\TheTorntv V10\b09351af-629b-405f-86d7-2f3223828534-5.exe /rawdata=b+f6qMW9YJYfsf7PDGGI0Tc9Bmh0pzRSBwojqSEsYPX1UYef9bYTjJxJsqMD9vHGT9BvTqenw0V1ePKZIhqZlWUf1tQO35GWDzUicTxN8DWw+h21EmarKSyNdnAZOfDfjmqaEVZblBOrc/Tq/1iIRsrkRl6HbNPLCeCObbFR+goemUhmGdksNFcEASJy2JfBvLRhWSTwUCYiJ6oqnHSFXjI68KBrZjB/N+S2PLs9X3dhMZPOLse9EVjwIFimRR4Y2/nRDglPLW/Ad8heJBJMEHBe6uULxPlKVxaZyB0XuI87NDUUZ8WGMx8jZ3YTgAxY3EDe66h5/R+2Evpw8GiGh1bf2nQuC9x5zKIs/CEUpcqSb7iRafFJSmeSPgwyqCyqy/uF3oI2F/30MblNC+Jmb+aU0VUAJVwcW2glUIZjKFcRFJ5B5QYJOWCiBN9xEAgMGes/Gj7asJaVBO8J3gSEbE880v2YlNg4Xxnffh4/7qZEpZx3X1TOqmeRyFYDVAvxUQh1t1W+aQZ5FmCy1hdFlPN5kaQRGr/wgthx5mMIRLQnt2m8qbES1Hr56nNnbExw3jbz+BPH2WQ8F2Rntge3kjvHyqIBhZph6LpNQ8OIoG7sYNrzR02haC6NfpdkqH09bATh53QzQ9OjGXT9BYQhPOpZLb2IylC7/i/lIVBQzfsSm4dkWlulmGjLBCvqau8SDeLpXB3nxfXG8BX9sS/KZ0Z4pFRws/5B36mz24SuvmOo26XcesC4P0usxti9Nt/qDy41zWFDPm2+MjtGeIdYxaGaRekIJ5Uv3psIshnkolLx62jc83WOEETmpiR9VXOmianwMJ6uixdm3a125VojQ593kOfh/pvIlUeAR8iHSvPyFGvD3l14kS+5R17j4KEZnuMTv12U9NpGE/6vZh/DU2du/LyiOIYI2jjz8vqMONN6shDhxQsfyR/9rY7WkqD7rDePqgtF879uj5B/RSXcSueoBbkdcPZacRZr15Sk3CQ1e6/UYx9aCdNIAxX0SLnC C:\Windows\tasks\b09351af-629b-405f-86d7-2f3223828534-6.job - C:\Program Files (x86)\TheTorntv V10\b09351af-629b-405f-86d7-2f3223828534-6.exe /rawdata=NhB7I13/XfGrZpzRF1pacZqPkGSGQT2tvszTuEk7IHs5rNSWvscXREeYGmFFqLL3vu6NuQddrfF96BxVnrPLy/VC4In6MtQkJZ7H85F7T7T+FwqKhcvyZYfzbzV+ZA++TIpaFm2wPOS8is5V0Hc5/nZ09IbB64NhX8bagytPEZlkEGLozotbk8KJKmXTLJ+9u9QbLPEOcfejMiG0NRDhUVaBgMhKwW838zihcvO7nRW8Y42+mLxgebMQN9xSdVfPMaatADE5oDUovAMdEoBQlHj+Wyu+xKTZcgcGQh87z+V+Cj7ddsl6JIema1jO+ohwOvdR/Gd2v/oVS/c3D8bPYlKI+d9JAPzgSfwm86uI0Xktj4AMK3bafz3kAHSF2GpBzuAiplijjnleMkMsVGRvbr0CtIjgFxDKDDdrHcrD2aEuGy8jSnmrc46Ag2D9s/encK/JyX7T0ZT/QacUaA4CEU/HR0EPCX9AsPkBud9ejF/SWrQpHrgFwaZSqPDnoU6Io+uXcb6vzngOVAYkzBaiKVEexPBmBxa6AZFVoWnrWQqnQgogxmHKZIpzpxobN09L7gbcmoMFEY2mkSJIZsqgpkX/ZJXlVl8oN2k2n7hh8H6lWKB/s82KzHRvFXXX4rE8XT5fAVyIofoxU5ss3933qetCivisIMaEXcM1ASm5fTtrjvDPU+e3McfjSgQxnPWOsteruIp+oX6d+m8YRkXJgiwKmYQj7k8vy9UQm5VD7nQzuzOzJMP+gVhBnODulTjZdYOpRUo1fXTWj2aX9zp/idSGNOvCITpMVlkWcETltI0CblVyYS68WuqF9Zot1E8o0E7x01XVB52eudtFXvTwRLKZ5580sZgLhSNacMcncyBKbP5da/rwk5c6hui9Ga+EGcOabCbikdVoo+ofwUbtL0zlSzVc32rnJps51xni5aT0y2PXVMxHK7lzhIlo2A3GPuPMeZFUlyYxKHhV0qk6Rwf+LzQjcoyzdKf8gjVOwCIuRqwGil7ClFacBRBhBX5JhBR49uhVTGeI070g8isAkTWNleXopj5XzDN/8sa6qSlj0gwfkc+2F6G+a2+GuHhJIHDZYiYCqgqohPT6a9dJxBjc2CQyq3IhUNmdMl7BM+ixEdOMYuhinhS276/84s8hitj0Gm/Ax4EpTQpr7DwmouMLV56oFdJS0X3kkIAcqTw5I9OF7wOWLYI/XSSKAyoLWfLCfJo8gFm95cPSOE6jQmGlKYLa9K8Dv3sXswPhNYUjkWeUWYeiGG/bTOY0fxmoPYA1vKJ7SOqPlKVMY72xe7qi2FrvMaWIUDr24SibWJ7dBqI08l8GXxASYVTCuJAuHCwOblQWpN1uzUMSDeyM1zU4EWPyFfURPckuUEV5nwgKMt+uNkSUfZ9cjjL0JAvKHm0zL6FS7OUQgBdJ4xgJnE9bsRzREy5zlyp/1Be20WDna4smQWItYjANTUulBtE19+yrTcaCB9WWsdk2sZjVT+GWnIidbZGVY4rfFyy8ZHLYvMIOSeMn/pmU8cs27MJQ C:\Windows\tasks\b09351af-629b-405f-86d7-2f3223828534-7.job - C:\Program Files (x86)\TheTorntv V10\b09351af-629b-405f-86d7-2f3223828534-7.exe /rawdata=vereZSqkY14V4F+j1ZTkDIpppyrCJwxWyUsAZMMGLUy5md/dSeuIUfebgVcZu/BXnLBsanuYdE473knBzmH8CmoVSasW3xC8xeaUVzKh71mzlPoL4l05wdBViebjaOFMIjndm4Iuqop5l6pNNZHmIRFAVF/TbNBVTEV8wGcgaulQCGi/tpZSDvo4fUVoJhGc+TfEiCZCn07sxQLCAFE2csLTae2VpX+R3LrUHo9zdoDgivJKOZsHnXe2IEcLgEbk8f4jNDly5F1OIBZOi3ZFbzFu+xAk0VjzcCrXjuql0/7BeO0yrNmRbjojgsIWrw21NWUxTdPrxKi3kGMpH99OqmaJXyndI8QQV+Hsj7LD+RgRrzpo/g25uoFuaStXrFZSaFqUyJv39YAkV/tiZ7BImLaLj8Et6+/mSnSzip04qB0s+JxX3A8CPA0co0mLCW+hTtj1VmBF7LvdkskfHYF8MzekzijAtfHRtMjF0Uqw9hxkCNHo1byu+rTdXeR8GJfoWyQgjz+lQ4gK9Lrjb7NjGIjzitlfe8JPb3XTJESLQ/Zct0Lo+pCK/LJ1CjP99SStS+j7f/XPNJQcw52TzM+j64ZIzDIHAwfpPMEasOQZJAmh1Xx3tgOp6TTgVOj0FdMMGCwArRKoYVIGGtCns+ZHWQUdeqslsU3+Kd5QobqhR9Wf7Rjin/SiNFJw9ZYcovPMV2622o3D+FcOsGTybgwKqxNxUJ1BQzj5fPycSgO+lAhO3mD3VIhMeEaY18B0S8mY7lxkxv+M3v6SAxh7fdK5iffyZOBlcm9khyhX+I6uwgvME3K0M9OJcuhuNkiSgJJFThwz9jJV0ImdH9r2TwJUg6maKXevJPExkqlAbCnkxxeKB+FeLL4XW7RqZ1M3Ci5iSbQUIPrd/pp1MDRZcbVPMufVhelFGDMV6QR7vKqweAaXWwE+JDzdhEumx/sUcPl/YXd19uoP/EIu3fLqh7YlTWO0Cn4sRACNZ+Prh/Oy0lV2a9RI7KDXEM1bhSCGVtgQU71B8v78hrEiZEt77i+kbt7R1O2nwgaH4JLKvFTooYUy74XZEBEvi6rQNoAkhTQvyjOCJ3K5BnB+PnLk517DauIZKpv3zY0F3WJgKFg7PAbIIG9RgU4yHJyITNpbaAZXcfzUJBRniYMS0t40wDQXSE843zQPc0qcQBr8yZmsIi/HajJBrYAt8pNBLR5eUKpwIUKbNthILWXdIkVrK7L6RKewwlZZy3lCinrITsCbv+YCuLgtZw4IG96YXYJzJ+XYFamjv9hD2JAa1VNd7XBLEcEoXHiaHHX5w/R4ekzmCjcQWE8S6+oNx8uI5j6fawayMj+e+UrhRbkolE2eQcILEw== C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2652864501-1178246780-2758921404-1000Core.job - C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2652864501-1178246780-2758921404-1000UA.job - C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2652864501-1178246780-2758921404-1000Core.job - C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2652864501-1178246780-2758921404-1000UA.job - C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\HP Photo Creations Messager.job - C:\ProgramData\HP Photo Creations\MessageCheck.exe C:\Windows\tasks\PassShow Update.job - C:\Program Files (x86)\PassShow-soft\PassShowT01.exe /update C:\Windows\tasks\Torntv 2-codedownloader.job - C:\Program Files (x86)\Torntv 2\Torntv 2-codedownloader.exe /reinstallapp /agentregpath='Torntv 2' /appid=35578 /srcid='000181' /subid='0' /zdata='0' /bic=BE37B973F6B94D3CA4A4D84F7BFBDC06IE /verifier=d9b8c48e6644a3bf5949beb7e0a43267 /installerversion=1_27_153 /installerfullversion=1.27.153.8 /installationtime=1374696029 /statsdomain=http://stats.datasrvstats.com /errorsdomain=http://errors.datasrvstats.com /codedownloaddomain=http://cr.install-daddy.com /allusers /externallog='' C:\Windows\tasks\Torntv 2-enabler.job - C:\Program Files (x86)\Torntv 2\Torntv 2-enabler.exe /enablebho /agentregpath='Torntv 2' /appid=35578 /srcid='000181' /subid='0' /zdata='0' /bic=BE37B973F6B94D3CA4A4D84F7BFBDC06IE /verifier=d9b8c48e6644a3bf5949beb7e0a43267 /installerversion=1_27_153 /installationtime=1374696029 /statsdomain=http://stats.datasrvstats.com /errorsdomain=http://errors.datasrvstats.com /bhoguid=11111111-1111-1111-1111-110311551178 /allusers /externallog='' C:\Windows\tasks\Torntv 2-updater.job - C:\Program Files (x86)\Torntv 2\Torntv 2-updater.exe /rawdata=JhucQPHSHTrX5H5Nesz48b2D2ZIWLjz6sdOFyhP4FvFeeeYIEafAqVeErf6mUBYFp4vAULg4Qs/85gWU1NXn6UnlntWFKo6OMUrltDwE+yYuKIqv2suBSGOVv+2gSiAV2vdVR9eXwcDp/pMmBJc1GEeqw66uNUDa18FZ5MEQtXmu3l4gd7//M/Q1rVGTvvWJqJA8LCsf7Z3cvwj2FJgCMdmCX6WsqUG2AjEAd1Lnd06vBb8mfxLrtvtRWkG2B+7nihAQkmG9w73fZgF8pThRQQ0280+ljGhTd4jQZhReHE7tiW9LSXQInf9t+W7WPlcZPXoOklgpWbwOlLcBt73FR3HOrsPYazIQ10Wqb4c1hj7Pufy6vypjQQMu6sjE7E4gYKn9VR6lHbZ4Y1DGfWh284EEhUwFkrKh2F5TRSYxSw/Iui8OzEtiRPPAC/VPtzJYs4Ftp6Yu9NRfVl7J+GH+io9R0oL5m38677v1xwzoV8YpmLOq24lrVOLtULmTGbI1BKp+RIJjnyAxDCroKqryFxftkcWCWkw0DdPFdq0cM+rMxd/LhCk3eWzoCg0jIIOlQptLYGS5h44uUqqDA/k92ALP4pKL0FDJv1trZ5dZLIrupQKch9mFS7ni9evVh2KNOm8FP5sJr3WEz1lBkf4E9RDFRbsiBRzSyrNu9d+c5AA= ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331111}] TheTorntv V10 - C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-bho64.dll [2014-09-08 750952] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331113}] TheGoPhoto.it V10 - C:\Program Files (x86)\TheGoPhoto.it V10\TheGoPhoto.it V10-bho64.dll [2014-09-07 876392] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}] Snap.DoEngine - C:\Windows\system32\mscoree.dll [2010-11-21 444752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}] scriptproxy - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120816122647.dll [2012-05-25 94720] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-04-12 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2014-09-17 294400] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B939CF93-F2CB-443d-956C-DC523D85C9DB}] DataMngr - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\BROWSE~1.DLL [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}] MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331111}] TheTorntv V10 - C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-bho.dll [2014-09-08 556904] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331113}] TheGoPhoto.it V10 - C:\Program Files (x86)\TheGoPhoto.it V10\TheGoPhoto.it V10-bho.dll [2014-09-07 646504] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}] Snap.DoEngine - C:\Windows\system32\mscoree.dll [2010-11-21 444752] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] IETabPage Class - C:\Program Files (x86)\SupTab\SupTab.dll [2014-06-19 513648] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-24 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}] scriptproxy - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120816122647.dll [2012-05-25 79776] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-12 194504] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2014-09-17 241352] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B939CF93-F2CB-443d-956C-DC523D85C9DB}] DataMngr - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\BROWSE~1.DLL [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}] Wincore Mediabar - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-24 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] TBSB09850 Class - C:\Program Files (x86)\ChatZum Toolbar\tbunsrC3D6.tmp\tbcore3.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2014-09-17 294400] {ae07101b-46d4-4a98-af68-0333ea26e113} - Snap.Do - C:\Windows\system32\mscoree.dll [2010-11-21 444752] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-04-12 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2014-09-17 241352] {37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1} - ChatZum Toolbar - C:\Program Files (x86)\ChatZum Toolbar\tbunsrC3D6.tmp\tbcore3.dll [] {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - Wincore Mediabar - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll [] {ae07101b-46d4-4a98-af68-0333ea26e113} - Snap.Do - C:\Windows\system32\mscoree.dll [2010-11-21 444752] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-12 194504] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2011-03-30 38304] "Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2011-02-10 1546720] "TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2011-03-02 566696] "HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2010-09-25 296824] "TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2011-03-09 967544] "SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2010-12-14 316032] "Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2011-04-07 1544104] "TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-12-08 710040] "TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2011-07-01 712096] "TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2011-03-03 597928] "TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376] "Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2011-08-10 150992] "Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TOPI.EXE"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [2011-05-16 846936] "iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2013-11-20 59720] "ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2013-11-20 59720] "TBHostSupport"=C:\Windows\SysWOW64\Rundll32.exe [2009-07-14 44544] "HP Photosmart 5520 series (NET)"=C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416] "APISupport"=C:\Windows\SysWOW64\Rundll32.exe [2009-07-14 44544] "Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-10-01 22065760] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2012-03-21 1675160] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-11-11 343168] "ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START [] "TSleepSrv"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [2010-06-04 252792] "ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2010-11-29 1294712] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2014-11-04 4411952] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-11-02 152392] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888] "Hercules DJ Series"=C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe [2012-11-26 3413912] "vProt"=C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2014-10-13 2662424] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe Toshiba Places Icon Utility.lnk - C:\Program Files\Toshiba\TOSHIBA Places Icon Utility\TosDIMonitor.exe C:\Users\siemen roosje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup MyPC Backup.lnk - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\PROGRA~2\SupTab\SEARCH~2.DLL" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "LogonHoursAction"=2 "DontDisplayLogonHoursWarnings"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv "aux2"=wdmaud.drv "wave6"=wdmaud.drv "midi6"=wdmaud.drv "mixer6"=wdmaud.drv "aux3"=wdmaud.drv "wave7"=wdmaud.drv "midi7"=wdmaud.drv "mixer7"=wdmaud.drv "aux4"=wdmaud.drv "wave8"=wdmaud.drv "midi8"=wdmaud.drv "mixer8"=wdmaud.drv "aux5"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 3 months====== 2014-12-10 17:41:36 ----D---- C:\rsit 2014-12-10 17:41:36 ----D---- C:\Program Files\trend micro 2014-11-19 16:29:06 ----A---- C:\Windows\SYSWOW64\pku2u.dll 2014-11-19 16:29:06 ----A---- C:\Windows\SYSWOW64\kerberos.dll 2014-11-19 16:29:06 ----A---- C:\Windows\system32\pku2u.dll 2014-11-19 16:29:06 ----A---- C:\Windows\system32\kerberos.dll 2014-11-12 19:54:24 ----A---- C:\Windows\system32\termsrv.dll 2014-11-12 19:54:24 ----A---- C:\Windows\system32\drivers\ksecpkg.sys 2014-11-12 19:54:22 ----A---- C:\Windows\SYSWOW64\adtschema.dll 2014-11-12 19:54:22 ----A---- C:\Windows\system32\lsasrv.dll 2014-11-12 19:54:22 ----A---- C:\Windows\system32\adtschema.dll 2014-11-12 19:54:11 ----A---- C:\Windows\SYSWOW64\msaudite.dll 2014-11-12 19:54:11 ----A---- C:\Windows\system32\msaudite.dll 2014-11-12 19:54:10 ----A---- C:\Windows\SYSWOW64\secur32.dll 2014-11-12 19:54:09 ----A---- C:\Windows\SYSWOW64\sspicli.dll 2014-11-12 19:53:38 ----A---- C:\Windows\system32\msi.dll 2014-11-12 19:53:37 ----A---- C:\Windows\SYSWOW64\msi.dll 2014-11-12 19:52:53 ----A---- C:\Windows\system32\schannel.dll 2014-11-12 19:52:52 ----A---- C:\Windows\SYSWOW64\schannel.dll 2014-11-12 19:52:52 ----A---- C:\Windows\system32\ncrypt.dll 2014-11-12 19:52:51 ----A---- C:\Windows\SYSWOW64\ncrypt.dll 2014-11-12 19:52:47 ----A---- C:\Windows\SYSWOW64\msv1_0.dll 2014-11-12 19:52:47 ----A---- C:\Windows\system32\msv1_0.dll 2014-11-12 19:52:46 ----A---- C:\Windows\system32\wdigest.dll 2014-11-12 19:52:45 ----A---- C:\Windows\SYSWOW64\wdigest.dll 2014-11-12 19:52:45 ----A---- C:\Windows\system32\TSpkg.dll 2014-11-12 19:52:44 ----A---- C:\Windows\SYSWOW64\TSpkg.dll 2014-11-12 19:52:42 ----A---- C:\Windows\system32\credssp.dll 2014-11-12 19:52:41 ----A---- C:\Windows\SYSWOW64\credssp.dll 2014-11-12 19:51:29 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL 2014-11-12 19:51:29 ----A---- C:\Windows\system32\IMJP10K.DLL 2014-11-12 19:51:19 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2014-11-12 19:51:18 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-11-12 19:51:16 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2014-11-12 19:51:16 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-11-12 19:51:16 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-11-12 19:51:15 ----A---- C:\Windows\system32\ie4uinit.exe 2014-11-12 19:51:14 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-11-12 19:51:14 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2014-11-12 19:51:14 ----A---- C:\Windows\system32\iernonce.dll 2014-11-12 19:51:11 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2014-11-12 19:51:10 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-11-12 19:51:10 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2014-11-12 19:51:10 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-11-12 19:51:09 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-11-12 19:51:06 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-11-12 19:51:06 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2014-11-12 19:51:05 ----A---- C:\Windows\system32\iedkcs32.dll 2014-11-12 19:51:04 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-11-12 19:51:04 ----A---- C:\Windows\system32\urlmon.dll 2014-11-12 19:51:01 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2014-11-12 19:51:01 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-11-12 19:51:00 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-11-12 19:51:00 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-11-12 19:50:59 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2014-11-12 19:50:58 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-11-12 19:50:58 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2014-11-12 19:50:58 ----A---- C:\Windows\system32\msfeeds.dll 2014-11-12 19:50:58 ----A---- C:\Windows\system32\dxtrans.dll 2014-11-12 19:50:57 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-11-12 19:50:56 ----A---- C:\Windows\system32\iesetup.dll 2014-11-12 19:50:55 ----A---- C:\Windows\system32\ieapfltr.dll 2014-11-12 19:50:53 ----A---- C:\Windows\system32\iertutil.dll 2014-11-12 19:50:51 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2014-11-12 19:50:51 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2014-11-12 19:50:51 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-11-12 19:50:50 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-11-12 19:50:50 ----A---- C:\Windows\system32\jsproxy.dll 2014-11-12 19:50:50 ----A---- C:\Windows\system32\ieUnatt.exe 2014-11-12 19:50:49 ----A---- C:\Windows\SYSWOW64\msrating.dll 2014-11-12 19:50:49 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll 2014-11-12 19:50:47 ----A---- C:\Windows\system32\ieui.dll 2014-11-12 19:50:47 ----A---- C:\Windows\system32\dxtmsft.dll 2014-11-12 19:50:46 ----A---- C:\Windows\system32\ieframe.dll 2014-11-12 19:50:45 ----A---- C:\Windows\system32\mshtmlmedia.dll 2014-11-12 19:50:45 ----A---- C:\Windows\system32\mshtmled.dll 2014-11-12 19:50:44 ----A---- C:\Windows\system32\jscript9diag.dll 2014-11-12 19:50:44 ----A---- C:\Windows\system32\jscript9.dll 2014-11-12 19:50:43 ----A---- C:\Windows\system32\wininet.dll 2014-11-12 19:50:43 ----A---- C:\Windows\system32\vbscript.dll 2014-11-12 19:50:42 ----A---- C:\Windows\system32\msrating.dll 2014-11-12 19:50:42 ----A---- C:\Windows\system32\MshtmlDac.dll 2014-11-12 19:50:40 ----A---- C:\Windows\system32\mshtml.dll 2014-11-12 19:50:33 ----A---- C:\Windows\system32\msxml3.dll 2014-11-12 19:50:32 ----A---- C:\Windows\SYSWOW64\msxml3r.dll 2014-11-12 19:50:32 ----A---- C:\Windows\SYSWOW64\msxml3.dll 2014-11-12 19:50:31 ----A---- C:\Windows\system32\msxml3r.dll 2014-11-12 19:50:28 ----A---- C:\Windows\system32\win32k.sys 2014-11-12 19:50:23 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll 2014-11-12 19:50:23 ----A---- C:\Windows\system32\audiosrv.dll 2014-11-12 19:50:23 ----A---- C:\Windows\system32\AUDIOKSE.dll 2014-11-12 19:50:22 ----A---- C:\Windows\system32\EncDump.dll 2014-11-12 19:50:22 ----A---- C:\Windows\system32\AudioSes.dll 2014-11-12 19:50:22 ----A---- C:\Windows\system32\AudioEng.dll 2014-11-12 19:50:21 ----A---- C:\Windows\SYSWOW64\AudioSes.dll 2014-11-12 19:50:21 ----A---- C:\Windows\SYSWOW64\AudioEng.dll 2014-11-12 19:49:51 ----A---- C:\Windows\system32\packager.dll 2014-11-12 19:49:50 ----A---- C:\Windows\SYSWOW64\packager.dll 2014-11-12 19:49:34 ----A---- C:\Windows\system32\oleaut32.dll 2014-11-12 19:49:33 ----A---- C:\Windows\SYSWOW64\oleaut32.dll 2014-11-04 00:30:04 ----A---- C:\Windows\system32\drivers\avgldx64.sys 2014-10-29 20:10:23 ----D---- C:\Users\siemen roosje\AppData\Roaming\LolClient 2014-10-29 19:18:27 ----D---- C:\ProgramData\Riot Games 2014-10-29 19:16:58 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll 2014-10-29 19:16:58 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll 2014-10-29 19:16:56 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll 2014-10-29 19:16:56 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll 2014-10-29 19:16:51 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll 2014-10-29 19:15:49 ----D---- C:\Riot Games 2014-10-29 19:06:12 ----D---- C:\Users\siemen roosje\AppData\Roaming\Riot Games 2014-10-20 18:01:11 ----D---- C:\Users\siemen roosje\AppData\Roaming\.technic 2014-10-17 15:34:46 ----A---- C:\Windows\system32\drivers\avgtdia.sys 2014-10-15 17:27:26 ----RD---- C:\Program Files (x86)\Skype 2014-10-15 17:10:59 ----A---- C:\Windows\SYSWOW64\mscorier.dll 2014-10-15 17:10:59 ----A---- C:\Windows\system32\mscorier.dll 2014-10-15 17:10:58 ----A---- C:\Windows\SYSWOW64\dfshim.dll 2014-10-15 17:10:58 ----A---- C:\Windows\system32\dfshim.dll 2014-10-15 17:10:56 ----A---- C:\Windows\system32\mscories.dll 2014-10-15 17:10:55 ----A---- C:\Windows\SYSWOW64\mscories.dll 2014-10-15 17:06:24 ----A---- C:\Windows\system32\KBDTAT.DLL 2014-10-15 17:06:23 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL 2014-10-15 17:06:22 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL 2014-10-15 17:06:22 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL 2014-10-15 17:06:22 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL 2014-10-15 17:06:21 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL 2014-10-15 17:06:21 ----A---- C:\Windows\system32\KBDRU1.DLL 2014-10-15 17:06:21 ----A---- C:\Windows\system32\KBDRU.DLL 2014-10-15 17:06:20 ----A---- C:\Windows\system32\KBDYAK.DLL 2014-10-15 17:06:20 ----A---- C:\Windows\system32\KBDBASH.DLL 2014-10-15 13:52:38 ----A---- C:\Windows\system32\rastls.dll 2014-10-15 13:52:29 ----A---- C:\Windows\SYSWOW64\rastls.dll 2014-10-15 13:52:14 ----A---- C:\Windows\SYSWOW64\mstscax.dll 2014-10-15 13:52:13 ----A---- C:\Windows\system32\mstscax.dll 2014-10-15 13:52:12 ----A---- C:\Windows\SYSWOW64\mstsc.exe 2014-10-15 13:52:12 ----A---- C:\Windows\system32\mstsc.exe 2014-10-15 13:52:11 ----A---- C:\Windows\system32\winsta.dll 2014-10-15 13:52:10 ----A---- C:\Windows\SYSWOW64\winsta.dll 2014-10-15 13:52:10 ----A---- C:\Windows\system32\winlogon.exe 2014-10-15 13:52:10 ----A---- C:\Windows\system32\rdpcorekmts.dll 2014-10-15 13:52:10 ----A---- C:\Windows\system32\drivers\rdpwd.sys 2014-10-15 13:52:09 ----A---- C:\Windows\SYSWOW64\aaclient.dll 2014-10-15 13:51:42 ----A---- C:\Windows\system32\drivers\tssecsrv.sys 2014-10-04 19:39:45 ----A---- C:\Windows\system32\qdvd.dll 2014-10-04 19:39:44 ----A---- C:\Windows\SYSWOW64\qdvd.dll 2014-09-24 20:17:09 ----A---- C:\Windows\SYSWOW64\tzres.dll 2014-09-24 20:17:09 ----A---- C:\Windows\system32\tzres.dll 2014-09-17 16:28:44 ----D---- C:\Users\siemen roosje\AppData\Roaming\MOVAVI 2014-09-17 12:07:39 ----A---- C:\Windows\SYSWOW64\msvcr71.dll 2014-09-17 12:07:39 ----A---- C:\Windows\SYSWOW64\msvcp71.dll 2014-09-17 12:07:38 ----A---- C:\Windows\SYSWOW64\MFC71u.dll 2014-09-17 12:07:38 ----A---- C:\Windows\SYSWOW64\MFC71.dll 2014-09-17 12:07:38 ----A---- C:\Windows\SYSWOW64\atl71.dll 2014-09-17 12:07:34 ----D---- C:\Program Files\DIFX 2014-09-17 12:07:23 ----A---- C:\Windows\system32\drivers\tiehdusb.sys 2014-09-13 17:00:23 ----A---- C:\Windows\system32\msmpeg2vdec.dll 2014-09-13 17:00:22 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll 2014-09-12 15:49:42 ----A---- C:\Windows\system32\TSWorkspace.dll 2014-09-12 15:49:41 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll 2014-09-12 15:47:52 ----A---- C:\Windows\system32\d3d10warp.dll 2014-09-12 15:47:50 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll ======List of files/folders modified in the last 3 months====== 2014-12-10 17:55:30 ----D---- C:\Windows\Temp 2014-12-10 17:51:21 ----D---- C:\Users\siemen roosje\AppData\Roaming\Skype 2014-12-10 17:41:36 ----RD---- C:\Program Files 2014-12-10 17:39:49 ----D---- C:\ProgramData\MFAData 2014-12-10 17:05:49 ----D---- C:\Windows\system32\config 2014-12-10 16:45:24 ----D---- C:\Windows\system32\catroot 2014-12-10 16:45:20 ----D---- C:\Windows\system32\catroot2 2014-12-10 16:43:28 ----D---- C:\Windows\winsxs 2014-12-09 11:43:01 ----D---- C:\Users\siemen roosje\AppData\Roaming\.minecraft 2014-12-09 11:15:24 ----D---- C:\Windows\SysWOW64 2014-12-04 18:43:35 ----SHD---- C:\Windows\Installer 2014-12-04 18:43:35 ----SHD---- C:\Config.Msi 2014-11-24 17:46:47 ----A---- C:\Windows\ntbtlog.txt 2014-11-20 20:51:36 ----D---- C:\Windows\system32\drivers 2014-11-20 17:50:22 ----D---- C:\Windows\System32 2014-11-20 16:42:42 ----SHD---- C:\System Volume Information 2014-11-16 08:01:50 ----D---- C:\Program Files\mcafee 2014-11-16 08:01:45 ----D---- C:\ProgramData\McAfee 2014-11-16 08:01:08 ----D---- C:\Windows\system32\wbem 2014-11-16 08:01:08 ----D---- C:\Windows 2014-11-16 07:59:21 ----D---- C:\Windows\Tasks 2014-11-16 07:59:21 ----D---- C:\Windows\registration 2014-11-16 00:15:41 ----D---- C:\Windows\Microsoft.NET 2014-11-16 00:05:37 ----RSD---- C:\Windows\assembly 2014-11-15 22:21:33 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-11-15 22:07:12 ----D---- C:\Windows\SYSWOW64\nl-NL 2014-11-15 22:07:12 ----D---- C:\Windows\SYSWOW64\it-IT 2014-11-15 22:07:12 ----D---- C:\Windows\SYSWOW64\fr-FR 2014-11-15 22:07:12 ----D---- C:\Windows\SYSWOW64\en-US 2014-11-15 22:07:12 ----D---- C:\Windows\SYSWOW64\de-DE 2014-11-15 22:07:11 ----D---- C:\Windows\system32\nl-NL 2014-11-15 22:07:11 ----D---- C:\Windows\system32\it-IT 2014-11-15 22:07:11 ----D---- C:\Windows\system32\fr-FR 2014-11-15 22:07:11 ----D---- C:\Windows\system32\en-US 2014-11-15 22:07:11 ----D---- C:\Windows\system32\de-DE 2014-11-15 22:07:10 ----D---- C:\Program Files\Internet Explorer 2014-11-15 22:06:58 ----D---- C:\Program Files (x86)\Internet Explorer 2014-11-15 21:38:00 ----D---- C:\Windows\system32\DriverStore 2014-11-15 21:38:00 ----D---- C:\Windows\inf 2014-11-15 21:16:08 ----D---- C:\Windows\Logs 2014-11-15 21:08:36 ----SD---- C:\Users\siemen roosje\AppData\Roaming\Microsoft 2014-11-13 19:06:50 ----D---- C:\Windows\system32\MRT 2014-11-13 18:52:32 ----A---- C:\Windows\system32\MRT.exe 2014-11-12 19:42:56 ----RD---- C:\Program Files (x86) 2014-11-04 14:30:58 ----N---- C:\Windows\system32\MpSigStub.exe 2014-11-03 20:17:28 ----D---- C:\Program Files (x86)\MyPC Backup 2014-10-29 19:29:52 ----D---- C:\Program Files (x86)\TOSHIBA Games 2014-10-29 19:25:07 ----RSD---- C:\Windows\Fonts 2014-10-29 19:21:36 ----D---- C:\Users\siemen roosje\AppData\Roaming\Systweak 2014-10-29 19:18:27 ----HD---- C:\ProgramData 2014-10-29 09:04:12 ----D---- C:\ProgramData\Tarma Installer 2014-10-29 09:00:16 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2014-10-29 08:54:30 ----D---- C:\Program Files (x86)\TheGoPhoto.it V10 2014-10-28 21:14:55 ----D---- C:\Users\siemen roosje\AppData\Roaming\Azureus 2014-10-28 21:14:11 ----D---- C:\Program Files (x86)\TheTorntv V10 2014-10-28 19:38:44 ----D---- C:\Users\siemen roosje\AppData\Roaming\Movdap 2014-10-27 17:16:42 ----D---- C:\ProgramData\AVG2013 2014-10-15 17:27:38 ----D---- C:\ProgramData\Skype 2014-10-15 17:27:26 ----D---- C:\Program Files (x86)\Common Files 2014-10-15 17:27:15 ----D---- C:\Program Files (x86)\AkaiPro 2014-10-13 18:29:28 ----D---- C:\Program Files (x86)\AVG Web TuneUp 2014-09-17 12:06:52 ----D---- C:\Windows\twain_32 2014-09-16 18:43:32 ----D---- C:\Windows\system32\Tasks ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-07-20 71480] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-07-20 311608] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-07-01 116536] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-10-23 45880] R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2012-02-22 647208] R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2012-02-22 289664] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-11-25 246072] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-11-04 209720] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-10-17 240952] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-08-29 50976] R1 mfenlfk;McAfee NDIS Light Filter; C:\Windows\system32\DRIVERS\mfenlfk.sys [2012-02-22 75936] R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2010-11-29 82224] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-11-11 10496512] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-11-10 326656] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-05-24 2750464] R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-09-24 116752] R3 BtFilter;Bluetooth LowerFilter Class Filter Driver; C:\Windows\system32\DRIVERS\btfilter.sys [2010-10-18 42096] R3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2012-02-22 65264] R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2011-01-27 1577088] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-02-09 77424] R3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2012-02-22 160792] R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2012-02-22 229528] R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2012-02-22 487296] R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2011-02-08 38096] R3 QIOMem;Generic IO & Memory Access; C:\Windows\system32\drivers\QIOMem.sys [2009-06-15 12800] R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288] R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784] R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664] R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2010-06-18 18872] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328] S3 Bulk;HDJBulk; C:\Windows\System32\Drivers\HDJBulk.sys [2012-10-30 238960] S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856] S3 HDJAsioK;HDJAsioK; C:\Windows\System32\Drivers\HDJAsioK.sys [2012-10-30 306032] S3 mferkdet;McAfee Inc. mferkdet; C:\Windows\system32\drivers\mferkdet.sys [2012-02-22 100912] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [] S3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RTSUVSTOR.sys [] S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872] S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640] S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920] S3 TIEHDUSB;TI Core USB Driver; C:\Windows\system32\DRIVERS\tiehdusb.sys [2012-03-07 128512] S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2011-02-23 291120] S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2010-11-11 50864] S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2010-08-30 94528] S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472] S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2010-04-26 63488] S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2011-01-27 67384] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-11-10 204288] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2014-10-17 4942384] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-11-20 283136] R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200] R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448] R2 HerculesDJControlMP3;Hercules DJ Control MP3; C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [2012-09-06 18944] R2 IePluginServices;IePlugin Services; C:\ProgramData\IePluginServices\PluginService.exe [2014-06-19 757872] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936] R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936] R2 mcmscsvc;McAfee Services; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936] R2 McNASvc;McAfee Network Agent; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936] R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936] R2 McShield;McAfee McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2012-03-20 199272] R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-03-20 210584] R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2012-03-20 162192] R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936] R2 NIHardwareService;NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2012-10-04 6371192] R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2010-10-20 138656] R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2010-12-09 489384] R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2011-04-07 294328] R2 vToolbarUpdater3.2.0;vToolbarUpdater3.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [2014-08-29 1843736] R2 WebCake Desktop Updater;WebCake Desktop Updater; C:\Program Files (x86)\Movdap\WBDesktop.Updater.exe [2013-08-10 51992] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-11-02 641352] R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-11-29 54136] R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2010-04-12 196976] R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-08 137632] R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2011-07-01 828856] S2 BackupStack;Computer Backup (MyPC Backup); C:\Program Files (x86)\MyPC Backup\BackupStack.exe [] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-09-07 68608] S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20 107912] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008] S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-09-07 68608] S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20 107912] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-20 194032] S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-06 114688] S3 McAWFwk;McAfee Activation Service; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [2011-01-28 225216] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-06-05 1255736] S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 McOobeSv;McAfee OOBE Service; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF-----------------