Logfile of random's system information tool 1.10 (written by random/random)
Run by Deborah at 2016-04-13 12:55:22
Microsoft Windows 8.1 
System drive C: has 101 GB (22%) free of 459 GB
Total RAM: 3543 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:55:42, on 13-4-2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\UMonit64.exe
C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
C:\Users\Deborah\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Users\Deborah\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Deborah\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
C:\Users\Deborah\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Deborah.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O4 - HKLM\..\Run: [Adobe ARM] "c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"
O4 - HKCU\..\Run: [AppEx Accelerator UI] "C:\Program Files\AMD Quick Stream\AMDQuickStream.exe" -h
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Users\Deborah\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Deborah\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_07362C87AD547772D6A805B506DE3AA6] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\RunOnce: [Application Restart #2] C:\Users\Deborah\AppData\Local\Pokki\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Deborah\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
O4 - HKCU\..\RunOnce: [Application Restart #1] C:\Users\Deborah\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Deborah\AppData\Local\SweetLabs App Platform\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
O23 - Service: Dropbox-update-service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox-update-service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Windows Connectiviteit voor Gramblr. (gramblrclient) - Unknown owner - C:\Program Files\Gramblr\gramblr.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Technology Access Software Asset Manager (Intel(R) TA SAM) - Intel Corporation - C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: Intel(R) Technology Access Legacy CS Loader (Intel(R) TechnologyAccessLegacyCSLoader) - Intel(R) Corporation - C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
O23 - Service: Intel(R) Technology Access Service (Intel(R) TechnologyAccessService) - Intel(R) Corporation - C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Quick Access Service (QASvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: Quick Access RadioMgr Service (RMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service KMSELDI - @ByELDI - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: tbaseprovisioning - Advanced Micro Devices, Inc. - C:\Windows\SysWOW64\tbaseprovisioning.exe
O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15480 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\SysWOW64\tbaseprovisioning.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe"
"C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe"
"C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {d49b9e18-4460-4e09-a67a97fd43ef7c18}
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe"
"C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files\KMSpico\Service_KMS.exe"
C:\Windows\system32\svchost.exe -k imgsvc
taskeng.exe {4CA85C24-B82D-4B94-8404-0AFC33F18AF0}
taskhostex.exe 
"C:\Users\Deborah\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe" /LOGON
"C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /c
"C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe"
C:\Windows\SysWOW64\UMonit64.exe 
"C:\Windows\explorer.exe" 
"C:\Windows\system32\GWX\GWX.exe" 
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Acer\Acer Quick Access\QASvc.exe"
"C:\Program Files\Acer\Acer Quick Access\RMSvc.exe"
"C:\Program Files\Acer\Acer Quick Access\QAEvent.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\Acer\Acer Quick Access\QAMsg.exe" 
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Launch Manager\LMTray.exe" 
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe" -hide
"C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe" task
"C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe" task
"C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe" task
"C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe" -r "C:\Users\Deborah\AppData\Local\AOP SDK\Acer Infra\acer\SyncAgent" -u S-1-5-21-1173026733-721704400-2366032540-1001 -c 356 -s 538 -g "C:\ProgramData\acer\CCD"
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\iTunes\iTunesHelper.exe" 
"C:\Program Files\AMD Quick Stream\AMDQuickStream.exe" -h
"C:\Users\Deborah\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
"C:\Users\Deborah\AppData\Roaming\Spotify\SpotifyWebHelper.exe" 
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" 
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe" /AUTORUN
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
-BootProc
"C:\Program Files (x86)\Browny02\BrYNSvc.exe"
"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
-BootProc
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" 
"C:\Users\Deborah\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe" 
"C:\Users\Deborah\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe" --type=renderer --disable-breakpad --disable-desktop-notifications --disable-logging --disable-speech-input --lang=en-US --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/5/OneClickSignIn/Standard/Prefetch/ContentPrefetchPrefetchOff/Prerender/Prerender15minTTL/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwndMin10/SpeculativePrefetchingLearning/SpeculativePrefetchingLearningEnabled/Test0PercentDefault/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/default/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/last_accessed_socket/ --noerrdialogs --disable-client-side-phishing-detection --disable-bundled-ppapi-flash --channel="7116.1.2144428154\2146197317" /prefetch:3
"C:\Users\Deborah\AppData\Local\SweetLabs App Platform\Engine\ServiceStartMenuIndexer.exe" 
taskhost.exe 
C:\Windows\system32\DllHost.exe /Processid:{478B41E6-3257-4519-BDA8-E971F9843849}
"C:\Program Files\Gramblr\gramblr.exe"
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe" -START
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" 
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Deborah\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=49.0.2623.112 --handshake-handle=0x148
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="8064.0.1701031267\127701545" --supports-dual-gpus=false --gpu-driver-bug-workarounds=3,11,25,54 --gpu-vendor-id=0x1002 --gpu-device-id=0x9852 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=13.302.1101.1001 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,WebFontsIntervention<WebFontsIntervention --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=nl --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/AllExceptAsyncScripts_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_36/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="8064.2.2096974800\1550895048" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,WebFontsIntervention<WebFontsIntervention --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=nl --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/AllExceptAsyncScripts_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_36/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="8064.3.474185009\1551676484" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,WebFontsIntervention<WebFontsIntervention --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=nl --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/AllExceptAsyncScripts_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_36/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="8064.5.845912506\1290890741" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,WebFontsIntervention<WebFontsIntervention --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=nl --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/AllExceptAsyncScripts_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_36/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="8064.6.1540124966\630733906" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,WebFontsIntervention<WebFontsIntervention --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=nl --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/AllExceptAsyncScripts_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_36/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="8064.24.1042657693\514633383" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,WebFontsIntervention<WebFontsIntervention --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=nl --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/AllExceptAsyncScripts_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_36/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="8064.25.1698063557\945045490" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,WebFontsIntervention<WebFontsIntervention --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=nl --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/AllExceptAsyncScripts_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_36/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="8064.26.1898372458\333523003" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,WebFontsIntervention<WebFontsIntervention --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=nl --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/AllExceptAsyncScripts_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_36/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="8064.27.1302490619\269870691" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,WebFontsIntervention<WebFontsIntervention --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=nl --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/AllExceptAsyncScripts_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_36/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="8064.28.984434236\463244449" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,WebFontsIntervention<WebFontsIntervention --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=nl --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/AllExceptAsyncScripts_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_36/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="8064.29.1609769999\1073737282" /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe14_ Global\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 

"C:\Users\Deborah\Desktop\RSITx64.exe" 

======Scheduled tasks folder======

C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d04058851f5bbb.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0e1c4301bec4.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0405885c3e04b.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d08fae94042f45.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0bfa6df38ee5c.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0efc0587a1173.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d12f6e3ae0758d.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Deborah\AppData\Roaming\Mozilla\Firefox\Profiles\77fklm91.default

prefs.js - "browser.search.useDBForOrder" -  true
prefs.js - "browser.startup.homepage" -  "https://www.malwarebytes.org/restorebrowser/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
DVDVideoSoft IE Extension - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-11-20 357376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
DVDVideoSoft IE Extension - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-11-22 323752]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-03-21 13672304]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-02-24 5581888]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-07-11 170280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AppEx Accelerator UI"=C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [2013-12-20 431328]
"EA Core"=C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [2009-03-28 3325952]
"Octoshape Streaming Services"=C:\Users\Deborah\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [2014-08-01 500016]
"Spotify Web Helper"=C:\Users\Deborah\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2016-04-11 1524336]
"GoogleChromeAutoLaunch_07362C87AD547772D6A805B506DE3AA6"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2016-04-06 874648]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #2"=C:\Users\Deborah\AppData\Local\Pokki\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\Deborah\AppData\Local\Pokki\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session []
"Application Restart #1"=C:\Users\Deborah\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [2016-03-11 7874536]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-09-05 958576]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-03-23 766688]
"ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2012-08-28 143360]
"BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2012-06-06 3076096]
"BlueStacks Agent"=C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2014-10-07 843480]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2016-03-12 25577864]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware (cleanup)"=C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [2016-03-10 55264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-04-13 12:55:23 ----D---- C:\Program Files\trend micro
2016-04-13 12:55:22 ----D---- C:\rsit
2016-04-13 12:01:42 ----A---- C:\Windows\system32\drivers\quhgj.sys
2016-04-12 22:37:34 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-04-12 22:37:07 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-04-12 22:37:07 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2016-04-12 22:37:06 ----D---- C:\ProgramData\Malwarebytes
2016-04-12 22:37:06 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-12 22:37:06 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-04-02 22:48:46 ----A---- C:\Users\Deborah\AppData\Roaming\redirect2.dat
2016-04-01 23:25:01 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2016-04-01 23:25:01 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2016-04-01 23:25:01 ----A---- C:\Windows\system32\d3dx10_40.dll
2016-04-01 23:25:01 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2016-04-01 23:24:58 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2016-04-01 23:24:58 ----A---- C:\Windows\system32\D3DX9_40.dll
2016-04-01 21:18:02 ----A---- C:\Users\Deborah\AppData\Roaming\Launcher.dat
2016-04-01 21:17:57 ----A---- C:\Users\Deborah\AppData\Roaming\update.dat
2016-04-01 21:06:40 ----SHD---- C:\Config.Msi
2016-03-21 13:48:22 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2016-03-21 13:48:21 ----A---- C:\Windows\system32\glcndFilter.dll
2016-03-21 13:48:20 ----A---- C:\Windows\SYSWOW64\glcndFilter.dll
2016-03-21 13:48:19 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2016-03-21 13:48:15 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-03-21 13:48:10 ----A---- C:\Windows\system32\drivers\srv.sys
2016-03-21 13:48:07 ----A---- C:\Windows\system32\generaltel.dll
2016-03-21 13:48:07 ----A---- C:\Windows\system32\appraiser.dll
2016-03-21 13:48:06 ----A---- C:\Windows\system32\aeinv.dll
2016-03-21 13:48:06 ----A---- C:\Windows\system32\acmigration.dll
2016-03-21 13:48:04 ----A---- C:\Windows\system32\invagent.dll
2016-03-21 13:48:04 ----A---- C:\Windows\system32\devinv.dll
2016-03-21 13:48:04 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-03-21 13:48:00 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2016-03-21 13:48:00 ----A---- C:\Windows\system32\wscsvc.dll
2016-03-21 13:48:00 ----A---- C:\Windows\system32\wscapi.dll
2016-03-21 13:47:56 ----AC---- C:\Windows\system32\drivers\usbehci.sys
2016-03-21 13:47:27 ----A---- C:\Windows\system32\iertutil.dll
2016-03-21 13:47:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-03-21 13:47:25 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-03-21 13:47:25 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-03-21 13:47:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-03-21 13:47:17 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-03-21 13:47:14 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-03-21 13:47:14 ----A---- C:\Windows\system32\urlmon.dll
2016-03-21 13:47:13 ----A---- C:\Windows\SYSWOW64\hlink.dll
2016-03-21 13:47:12 ----A---- C:\Windows\system32\vbscript.dll
2016-03-21 13:47:10 ----A---- C:\Windows\system32\msfeeds.dll
2016-03-21 13:47:06 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-03-21 13:47:04 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-03-21 13:47:02 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-03-21 13:47:01 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-03-21 13:47:01 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-03-21 13:47:00 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-03-21 13:47:00 ----A---- C:\Windows\system32\jscript.dll
2016-03-21 13:46:58 ----A---- C:\Windows\system32\ieframe.dll
2016-03-21 13:46:55 ----A---- C:\Windows\system32\webcheck.dll
2016-03-21 13:46:54 ----A---- C:\Windows\system32\jscript9.dll
2016-03-21 13:46:54 ----A---- C:\Windows\system32\ieapfltr.dll
2016-03-21 13:46:53 ----A---- C:\Windows\system32\wininet.dll
2016-03-21 13:46:53 ----A---- C:\Windows\system32\inetcomm.dll
2016-03-21 13:46:45 ----A---- C:\Windows\system32\mshtml.dll
2016-03-21 13:46:37 ----A---- C:\Windows\system32\actxprxy.dll
2016-03-21 13:46:34 ----A---- C:\Windows\system32\hlink.dll
2016-03-21 13:46:30 ----A---- C:\Windows\system32\mshtmled.dll
2016-03-21 13:36:38 ----A---- C:\Windows\system32\drivers\storport.sys
2016-03-21 13:36:37 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2016-03-21 13:36:35 ----AC---- C:\Windows\system32\drivers\spaceport.sys
2016-03-21 13:36:31 ----A---- C:\Windows\system32\mispace.dll
2016-03-21 13:36:28 ----A---- C:\Windows\SYSWOW64\mispace.dll
2016-03-21 13:30:43 ----A---- C:\Windows\SYSWOW64\rsaenh.dll
2016-03-21 13:30:43 ----A---- C:\Windows\system32\rsaenh.dll
2016-03-21 13:27:51 ----A---- C:\Windows\system32\msvcp120_clr0400.dll
2016-03-21 13:27:50 ----A---- C:\Windows\SYSWOW64\msvcp120_clr0400.dll
2016-03-21 13:27:49 ----A---- C:\Windows\SYSWOW64\msvcr120_clr0400.dll
2016-03-21 13:27:49 ----A---- C:\Windows\system32\msvcr120_clr0400.dll
2016-03-21 13:23:51 ----A---- C:\Windows\system32\kerberos.dll
2016-03-21 13:23:50 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-03-21 13:23:02 ----A---- C:\Windows\system32\seclogon.dll
2016-03-21 13:22:44 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-03-21 13:22:44 ----A---- C:\Windows\system32\wucltux.dll
2016-03-21 13:22:44 ----A---- C:\Windows\system32\wuaueng.dll
2016-03-21 13:22:44 ----A---- C:\Windows\system32\wuauclt.exe
2016-03-21 13:22:44 ----A---- C:\Windows\system32\wuapp.exe
2016-03-21 13:22:44 ----A---- C:\Windows\system32\wuapi.dll
2016-03-21 13:22:43 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-03-21 13:22:43 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-03-21 13:22:43 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-03-21 13:22:43 ----A---- C:\Windows\system32\wuwebv.dll
2016-03-21 13:22:43 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2016-03-21 13:22:43 ----A---- C:\Windows\system32\wudriver.dll
2016-03-21 13:22:24 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-03-21 13:22:24 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-03-21 13:22:24 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-03-21 13:22:24 ----A---- C:\Windows\system32\ole32.dll
2016-03-21 13:22:24 ----A---- C:\Windows\system32\asycfilt.dll
2016-03-21 13:22:23 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-03-21 13:22:23 ----A---- C:\Windows\system32\ucrtbase.dll
2016-03-21 13:22:20 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2016-03-21 13:22:20 ----A---- C:\Windows\system32\comsvcs.dll
2016-03-21 13:22:16 ----A---- C:\Windows\system32\wmp.dll
2016-03-21 13:22:15 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-03-21 13:22:14 ----A---- C:\Windows\SYSWOW64\WMASF.DLL
2016-03-21 13:22:13 ----A---- C:\Windows\system32\WMASF.DLL
2016-03-21 13:22:05 ----A---- C:\Windows\system32\drivers\netio.sys
2016-03-21 13:21:59 ----A---- C:\Windows\system32\win32k.sys
2016-03-21 13:21:36 ----AC---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-03-21 13:21:21 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2016-03-21 13:21:21 ----A---- C:\Windows\system32\netlogon.dll
2016-03-21 13:21:11 ----A---- C:\Windows\system32\winlogon.exe
2016-03-21 13:21:09 ----A---- C:\Windows\system32\msra.exe
2016-03-21 13:21:04 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-03-21 13:21:03 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-03-21 13:21:03 ----A---- C:\Windows\system32\atmlib.dll
2016-03-21 13:21:03 ----A---- C:\Windows\system32\atmfd.dll
2016-03-21 13:21:01 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-03-21 13:21:01 ----A---- C:\Windows\system32\mfds.dll
2016-03-21 13:20:52 ----A---- C:\Windows\SYSWOW64\storagewmi.dll
2016-03-21 13:20:52 ----A---- C:\Windows\system32\storagewmi.dll

======List of files/folders modified in the last 1 month======

2016-04-13 12:55:35 ----D---- C:\ProgramData\Gramblr
2016-04-13 12:55:23 ----RD---- C:\Program Files
2016-04-13 12:36:33 ----D---- C:\Windows\Temp
2016-04-13 12:11:48 ----D---- C:\Windows\Prefetch
2016-04-13 12:01:42 ----D---- C:\Windows\system32\drivers
2016-04-13 12:01:42 ----D---- C:\Windows\Panther
2016-04-13 12:01:17 ----D---- C:\Program Files\KMSpico
2016-04-13 12:00:04 ----D---- C:\Windows\system32\sru
2016-04-13 11:32:53 ----D---- C:\Windows\system32\DriverStore
2016-04-13 11:32:53 ----D---- C:\Windows\Inf
2016-04-13 11:29:18 ----D---- C:\Windows\system32\catroot
2016-04-12 22:48:33 ----SHD---- C:\System Volume Information
2016-04-12 22:37:06 ----RD---- C:\Program Files (x86)
2016-04-12 22:37:06 ----HD---- C:\ProgramData
2016-04-12 22:30:08 ----D---- C:\Windows\system32\config
2016-04-12 22:23:50 ----RD---- C:\Windows\System32
2016-04-12 22:23:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-04-12 22:22:20 ----D---- C:\Users\Deborah\AppData\Roaming\Spotify
2016-04-12 21:39:29 ----D---- C:\Users\Deborah\AppData\Roaming\uTorrent
2016-04-12 12:23:08 ----D---- C:\Windows\Microsoft.NET
2016-04-11 22:59:01 ----D---- C:\Windows\system32\Tasks
2016-04-10 18:21:09 ----D---- C:\Users\Deborah\AppData\Roaming\vlc
2016-04-07 10:16:30 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2016-04-07 10:16:30 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-06 20:08:03 ----D---- C:\Windows\system32\catroot2
2016-04-06 15:14:26 ----D---- C:\Program Files\Gramblr
2016-04-04 19:36:02 ----D---- C:\Windows\WinSxS
2016-04-02 22:53:05 ----SD---- C:\Users\Deborah\AppData\Roaming\Microsoft
2016-04-01 23:29:09 ----SHD---- C:\Windows\Installer
2016-04-01 23:29:00 ----D---- C:\ProgramData\Package Cache
2016-04-01 23:28:57 ----D---- C:\Windows\SysWOW64
2016-04-01 23:24:01 ----RSD---- C:\Windows\assembly
2016-04-01 21:11:13 ----D---- C:\Program Files (x86)\Acer
2016-03-25 13:44:48 ----D---- C:\Windows\CbsTemp
2016-03-25 13:40:42 ----SD---- C:\Windows\SYSWOW64\GWX
2016-03-25 13:40:41 ----SD---- C:\Windows\system32\GWX
2016-03-25 13:10:55 ----D---- C:\Windows\rescache
2016-03-24 17:00:37 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-03-21 23:07:05 ----D---- C:\Windows\system32\appraiser
2016-03-21 23:07:04 ----D---- C:\Windows\SYSWOW64\nl-NL
2016-03-21 23:07:04 ----D---- C:\Windows\SYSWOW64\en-US
2016-03-21 23:07:04 ----D---- C:\Program Files\Internet Explorer
2016-03-21 23:07:04 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-21 23:07:03 ----D---- C:\Windows\system32\nl-NL
2016-03-21 23:07:03 ----D---- C:\Windows\system32\en-US
2016-03-21 23:07:01 ----D---- C:\Windows\system32\drivers\nl-NL
2016-03-21 23:07:01 ----D---- C:\Windows\system32\drivers\en-US
2016-03-21 21:02:55 ----HD---- C:\Program Files\WindowsApps
2016-03-21 21:02:55 ----D---- C:\Windows\AppReadiness
2016-03-21 21:01:54 ----D---- C:\Windows\system32\MRT
2016-03-21 20:43:17 ----A---- C:\Windows\system32\MRT.exe
2016-03-21 14:34:19 ----D---- C:\ProgramData\Microsoft Help
2016-03-21 13:10:53 ----A---- C:\Windows\system32\ie4uinit.exe
2016-03-21 13:10:51 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-03-21 13:10:50 ----A---- C:\Windows\system32\iedkcs32.dll
2016-03-21 12:40:09 ----D---- C:\Program Files (x86)\Dropbox
2016-03-15 18:14:15 ----D---- C:\Users\Deborah\AppData\Roaming\Mozilla

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem4.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\Windows\System32\drivers\amdkmpfd.sys [2013-12-12 36608]
R0 amdpsp;@oem6.inf,%amdpsp.SVCDESC%;AMD PSP 1.0 Service; C:\Windows\system32\DRIVERS\amdpsp.sys [2014-02-25 230088]
R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2013-09-17 239296]
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;@oem24.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R1 ndisrd;@oem12.inf,%ndisrfl_Desc%;Intel(R) Technology Access Filter Driver; C:\Windows\system32\DRIVERS\ndisrfl.sys [2015-04-30 41688]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 APXACC;@oem7.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\Windows\system32\DRIVERS\appexDrv.sys [2013-11-01 224992]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2014-10-07 122072]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-03-23 13266944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-03-23 625152]
R3 athr;@oem10.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2014-02-14 3888640]
R3 AtiHDAudioService;@oem5.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdWB6.sys [2013-12-20 222720]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator-service; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy-stuurprogramma; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth-apparaat (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-04-08 3917272]
R3 LMDriver;@oem15.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\Windows\System32\drivers\LMDriver.sys [2013-07-17 21360]
R3 MarvinBus;@oem35.inf,%MarvinBus.SVCDESC%;Pinnacle Marvin Bus 64; C:\Windows\System32\drivers\MarvinBus64.sys [2005-09-23 261120]
R3 RadioShim;@oem15.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\Windows\System32\drivers\RadioShim.sys [2013-07-17 14680]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RTL8168;@oem1.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-12-18 839896]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\System32\drivers\serscan.sys [2014-10-29 11776]
R3 SynRMIHID;@oem9.inf,%SynRMIHID.SVCDESC%;Synaptics HID Service; C:\Windows\system32\DRIVERS\SynRMIHID.sys [2014-02-20 42224]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 BTATH_BUS;@oem11.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys []
S0 kxgrnmk;kxgrnmk; C:\Windows\System32\drivers\quhgj.sys [2016-04-13 79064]
S3 amdkmcsp;@oem6.inf,%amdkmcsp.SVCDESC%;AMD Kernel Mode CSP Service; C:\Windows\system32\DRIVERS\amdkmcsp.sys [2014-02-25 85704]
S3 AndNetDiag;@oem21.inf,%Lgsi.Service.Name%;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [2015-01-26 30720]
S3 ANDNetModem;@oem31.inf,%LGSI.Service.Name%;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [2015-01-26 37376]
S3 AthBTPort;@oem14.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys []
S3 BTATH_A2DP;@oem13.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys []
S3 btath_avdt;@oem13.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys []
S3 BTATH_HCRP;@oem16.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys []
S3 BTATH_LWFLT;@oem18.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys []
S3 BTATH_RCP;@oem20.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys []
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 GeneStor;@oem8.inf,%GENESTOR.SvcDesc%;Genesys Logic Storage Driver; C:\Windows\System32\drivers\GeneStor.sys [2014-01-18 107208]
S3 NetTap630;@oem11.inf,%NetTap.Service.DispName%;Intel(R) Technology Access TAP Driver (NDIS 6.30); C:\Windows\system32\DRIVERS\nettap630.sys [2015-04-30 67800]
S3 QRDCIO;@oem17.inf,%SERVICE_DISPLAY_NAME%;Quanta Generic IO Access; C:\Windows\System32\drivers\QRDCIO.sys [2009-10-20 9728]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-05 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-03-23 239616]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-05-29 77128]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [2015-05-29 323152]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2014-10-07 388824]
R2 BstHdUpdaterSvc;BlueStacks Updater Service; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2014-10-07 782040]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2016-01-14 2860760]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2014-02-24 1343408]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2015-10-12 349728]
R2 gramblrclient;Windows Connectiviteit voor Gramblr.; C:\Program Files\Gramblr\gramblr.exe [2016-04-06 9604688]
R2 Intel(R) TechnologyAccessLegacyCSLoader;Intel(R) Technology Access Legacy CS Loader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [2016-03-15 154272]
R2 Intel(R) TechnologyAccessService;Intel(R) Technology Access Service; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [2016-03-15 479392]
R2 LMSvc;Launch Manager Service; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [2014-03-17 459496]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-14 769432]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2012-04-24 254512]
R2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2014-08-25 954048]
R2 tbaseprovisioning;tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [2014-02-25 51712]
R3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2012-06-05 266240]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2014-03-21 2573544]
R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2015-07-11 644904]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 QASvc;Quick Access Service; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [2014-03-22 457960]
R3 RMSvc;Quick Access RadioMgr Service; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [2014-03-22 449768]
R3 UEIPSvc;User Experience Improvement Program; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [2014-01-25 222952]
S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2014-10-07 409304]
S2 dbupdate;Dropbox-update-service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-01-22 143144]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 dbupdatem;Dropbox-update-service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-01-22 143144]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-22 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2015-10-12 209952]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 Intel(R) TA SAM;Intel(R) Technology Access Software Asset Manager; C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-08-12 19088]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25 178312]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-03-24 146888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]

-----------------EOF-----------------