Logfile of random's system information tool 1.09 (written by random/random)
Run by Bea at 2014-01-09 17:05:51
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 10 GB (13%) free of 76 GB
Total RAM: 4095 MB (25% free)
HijackThis download failed
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe"
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
Atouch64.exe
taskeng.exe {68E1F0B0-9634-4A5B-8974-D48546D3FF98}
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe" /STARTUP
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
ATKOSD.exe
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
KBFiltr.exe
WDC.exe
"C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe"
"C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe"
"C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe"
C:\Windows\SysWOW64\NLSSRV32.EXE
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Windows Firewall Control\wfcs.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3016.0.1855618592\1814771311" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22,26 --gpu-vendor-id=0x10de --gpu-device-id=0x0649 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3165 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.1.891228675\1836992531" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.2.5992\1112043605" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.3.184959119\1007230096" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.4.1957033279\1385836779" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.5.1611726235\2066915312" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.6.1403444221\1298711960" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.7.1843714322\1013641859" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.8.1350697363\436570254" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.9.1549845055\884524437" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.10.1758640677\569002984" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.11.1092450873\468670240" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.12.191314067\1946322563" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.13.561392783\102733708" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.14.1077861012\49724939" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.15.360523537\72181389" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.16.1901270832\65877531" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.17.240386638\684110366" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\\1.0.0_0\Plugin/ASCPlugin_Protect.dll" --lang=nl --channel="3016.18.149999417\1985133597" /prefetch:-390060480
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Program Files (x86)\LastPass\nplastpass.dll" --lang=nl --channel="3016.23.962181024\1668528910" /prefetch:-390060480
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\PROGRAM FILES (X86)\GOOGLE\DRIVE\GOOGLEDRIVESYNC.EXE" /autostart
"C:\PROGRAM FILES (X86)\ASUS\ATKOSD2\ATKOSD2.EXE"
"C:\PROGRAM FILES (X86)\ASUSTEK\ASUSDVD 8\PDVD8SERV.EXE"
"C:\PROGRAM FILES\ELANTECH\ETDCTRL.EXE"
"C:\PROGRAM FILES\WINDOWS FIREWALL CONTROL\WFC.EXE"
"C:\PROGRAM FILES (X86)\GOOGLE\DRIVE\GOOGLEDRIVESYNC.EXE" /autostart
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --instant-process --disable-html-notifications --channel="3016.31.1429907311\1641474688" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.32.2061087341\1143146347" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="3016.36.1783159620\89543365" /prefetch:673131151
"C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="3016.68.1822023826\511612177" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="3016.69.50636067\1086007791" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="3016.72.1413733537\1414286372" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="3016.74.2009200803\2133843707" /prefetch:673131151
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group1 pct:25 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_18/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="3016.129.615022759\1264718553" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Bea\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\Driver Booster Startup.job
C:\Windows\tasks\Driver Booster Update.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2013-11-22 2486592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95D9ECF5-2A4D-4550-BE49-70D42F71296E}]
LastPass Vault - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2013-12-19 916992]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll [2013-12-16 1154720]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-11-02 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95D9ECF5-2A4D-4550-BE49-70D42F71296E}]
LastPass Vault - C:\Program Files (x86)\LastPass\LPToolbar.dll [2013-12-19 612864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}]
FlashGetBHO - C:\Users\Bea\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll [2012-11-01 149168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2013-10-17 669504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll [2013-12-16 1432224]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-11-02 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - LastPass Toolbar - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2013-12-19 916992]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll [2013-12-16 1154720]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll [2013-12-16 1432224]
{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - LastPass Toolbar - C:\Program Files (x86)\LastPass\LPToolbar.dll [2013-12-19 612864]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-08-12 323072]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 1266912]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_140299A73DDFBEE682C1057A74DE4DC2"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2013-12-04 863184]
"Advanced SystemCare 7"=C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2013-11-11 2283808]
"uTorrent"=C:\Users\Bea\AppData\Roaming\uTorrent\uTorrent.exe [2013-11-19 1142864]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe [2013-05-11 958576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2009-12-05 3058304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
c:\program files (x86)\asus\atkosd2\atkosd2.exe [2009-08-17 6859392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\Cyberlink\Power2Go\CLMLSvc.exe [2008-07-19 104936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
c:\program files\elantech\etdctrl.exe [2009-09-30 621440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_140299A73DDFBEE682C1057A74D]
c:\program files (x86)\google\chrome\application\chrome.exe [2013-12-04 863184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync]
c:\program files (x86)\google\drive\googledrivesync.exe [2013-12-06 20203904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
c:\program files (x86)\asustek\asusdvd 8\language\language.exe [2009-04-16 50472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
c:\program files (x86)\asustek\asusdvd 8\pdvd8serv.exe [2009-04-16 91432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-11-23 13662936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
c:\users\bea\appdata\roaming\utorrent\utorrent.exe [2013-11-19 1142864]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
C:\Users\Bea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2010 Schermopname en Snel starten.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Deployer.exe]
"Debugger=""C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DriverBooster.exe]
"Debugger=""C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbam.exe]
"Debugger=""C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbamgui.exe]
"Debugger=""C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbampt.exe]
"Debugger=""C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbamscheduler.exe]
"Debugger=""C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbamservice.exe]
"Debugger=""C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Promote.exe]
"Debugger=""C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Scheduler.exe]
"Debugger=""C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UpdateDB.exe]
"Debugger=""C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-01-09 17:05:51 ----D---- C:\rsit
2014-01-09 17:05:51 ----D---- C:\Program Files\trend micro
2013-12-19 19:14:43 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-19 19:14:42 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-19 19:14:42 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-19 19:14:42 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-19 19:14:42 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-19 19:14:42 ----A---- C:\Windows\system32\ieui.dll
2013-12-19 19:14:41 ----A---- C:\Windows\system32\iesetup.dll
2013-12-19 19:14:41 ----A---- C:\Windows\system32\iernonce.dll
2013-12-19 19:14:41 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-19 19:14:41 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-19 19:14:41 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-19 19:14:40 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-19 19:14:40 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-19 19:14:40 ----A---- C:\Windows\system32\mshtml.dll
2013-12-19 19:14:40 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-19 19:14:40 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-19 19:14:39 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-19 19:14:39 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-19 19:14:39 ----A---- C:\Windows\system32\iertutil.dll
2013-12-19 19:14:38 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-19 19:14:38 ----A---- C:\Windows\system32\wininet.dll
2013-12-19 19:14:38 ----A---- C:\Windows\system32\urlmon.dll
2013-12-19 19:14:37 ----A---- C:\Windows\system32\ieframe.dll
2013-12-19 19:14:36 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-19 19:14:34 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-19 19:14:33 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-19 19:14:33 ----A---- C:\Windows\system32\jscript9.dll
2013-12-17 08:55:39 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-12-17 08:50:13 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-12-17 08:50:13 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-17 08:50:06 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-12-17 08:50:06 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-12-17 08:50:06 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-12-17 08:50:06 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2013-12-17 08:50:06 ----A---- C:\Windows\system32\elshyph.dll
2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\url.dll
2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-12-17 08:50:05 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-12-17 08:50:04 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-12-17 08:50:04 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-12-17 08:50:04 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-12-17 08:50:04 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2013-12-17 08:50:04 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-12-17 08:50:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-12-17 08:50:04 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-12-17 08:50:04 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-12-17 08:50:04 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2013-12-17 08:50:03 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-12-17 08:50:03 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-12-17 08:50:03 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-12-17 08:50:03 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-12-17 08:50:03 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-12-17 08:50:03 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-12-17 08:50:03 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-12-17 08:50:03 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-12-17 08:50:03 ----A---- C:\Windows\system32\jsIntl.dll
2013-12-17 08:50:02 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-12-17 08:50:02 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-17 08:50:02 ----A---- C:\Windows\system32\msrating.dll
2013-12-17 08:50:02 ----A---- C:\Windows\system32\msls31.dll
2013-12-17 08:50:02 ----A---- C:\Windows\system32\mshtmler.dll
2013-12-17 08:50:02 ----A---- C:\Windows\system32\msfeedssync.exe
2013-12-17 08:50:02 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-12-17 08:50:02 ----A---- C:\Windows\system32\iesysprep.dll
2013-12-17 08:50:02 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-12-17 08:50:01 ----A---- C:\Windows\system32\wextract.exe
2013-12-17 08:50:01 ----A---- C:\Windows\system32\webcheck.dll
2013-12-17 08:50:01 ----A---- C:\Windows\system32\vbscript.dll
2013-12-17 08:50:01 ----A---- C:\Windows\system32\url.dll
2013-12-17 08:50:01 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-12-17 08:50:01 ----A---- C:\Windows\system32\mshtmled.dll
2013-12-17 08:50:01 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-17 08:50:01 ----A---- C:\Windows\system32\licmgr10.dll
2013-12-17 08:50:01 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-17 08:50:01 ----A---- C:\Windows\system32\inseng.dll
2013-12-17 08:50:01 ----A---- C:\Windows\system32\iexpress.exe
2013-12-17 08:50:01 ----A---- C:\Windows\system32\iedkcs32.dll
2013-12-17 08:50:01 ----A---- C:\Windows\system32\ieapfltr.dat
2013-12-17 08:50:01 ----A---- C:\Windows\system32\icardie.dll
2013-12-17 08:50:01 ----A---- C:\Windows\system32\dxtrans.dll
2013-12-17 08:50:01 ----A---- C:\Windows\system32\dxtmsft.dll
2013-12-17 08:50:00 ----A---- C:\Windows\system32\pngfilt.dll
2013-12-17 08:50:00 ----A---- C:\Windows\system32\occache.dll
2013-12-17 08:50:00 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-12-17 08:50:00 ----A---- C:\Windows\system32\mshta.exe
2013-12-17 08:50:00 ----A---- C:\Windows\system32\jscript.dll
2013-12-17 08:50:00 ----A---- C:\Windows\system32\imgutil.dll
2013-12-17 08:50:00 ----A---- C:\Windows\system32\iepeers.dll
2013-12-16 16:56:02 ----D---- C:\Program Files (x86)\Cabri II Plus
2013-12-12 15:54:00 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-12 15:53:59 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-12 15:53:59 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-12 15:53:57 ----A---- C:\Windows\system32\wmp.dll
2013-12-12 14:34:51 ----A---- C:\Windows\system32\msieftp.dll
2013-12-12 14:34:50 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-12 14:34:48 ----A---- C:\Windows\system32\win32k.sys
2013-12-12 14:34:47 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-12 14:34:46 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-12 14:34:45 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-12 14:34:44 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-12 14:34:43 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-12 14:34:43 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-12 14:34:43 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-12 14:34:43 ----A---- C:\Windows\system32\wscript.exe
2013-12-12 14:34:43 ----A---- C:\Windows\system32\scrrun.dll
2013-12-12 14:34:43 ----A---- C:\Windows\system32\cscript.exe
2013-12-12 14:34:42 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-12 14:34:42 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-12 14:34:38 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-12 14:34:38 ----A---- C:\Windows\system32\tzres.dll
2013-12-10 23:33:29 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2013-12-10 23:24:37 ----D---- C:\Users\Bea\AppData\Roaming\Spotnet
======List of files/folders modified in the last 1 month======
2014-01-09 17:05:51 ----RD---- C:\Program Files
2014-01-09 17:05:13 ----D---- C:\Windows\Temp
2014-01-09 15:49:05 ----D---- C:\Users\Bea\AppData\Roaming\uTorrent
2014-01-09 15:41:47 ----D---- C:\Windows\system32\config
2014-01-09 15:40:12 ----D---- C:\Program Files (x86)\Common Files
2014-01-09 15:29:48 ----D---- C:\AdwCleaner
2014-01-09 14:52:17 ----D---- C:\Windows\system32\catroot2
2014-01-09 14:49:13 ----D---- C:\Windows\SoftwareDistribution
2014-01-09 14:47:26 ----D---- C:\Windows\SysWOW64
2014-01-09 14:39:18 ----AD---- C:\Windows
2014-01-09 14:39:10 ----D---- C:\Windows\debug
2014-01-09 10:24:50 ----SD---- C:\Users\Bea\AppData\Roaming\Microsoft
2014-01-09 10:09:19 ----SHD---- C:\Boot
2014-01-06 19:14:45 ----D---- C:\Windows\system32\FxsTmp
2014-01-06 19:09:44 ----SHD---- C:\Windows\Installer
2014-01-06 19:09:44 ----SHD---- C:\Config.Msi
2014-01-06 19:07:22 ----SHD---- C:\System Volume Information
2014-01-06 18:57:58 ----D---- C:\ProgramData\ProductData
2014-01-03 01:19:16 ----D---- C:\Windows\Microsoft.NET
2014-01-03 00:49:58 ----RSD---- C:\Windows\assembly
2014-01-03 00:49:48 ----HD---- C:\ProgramData
2014-01-03 00:49:45 ----RD---- C:\Program Files (x86)
2014-01-02 23:55:32 ----D---- C:\ProgramData\BlueStacksSetup
2014-01-02 23:53:23 ----D---- C:\Windows\Prefetch
2014-01-02 23:02:46 ----D---- C:\Windows\system32\Tasks
2013-12-24 23:09:00 ----D---- C:\Program Files\CCleaner
2013-12-24 21:51:22 ----D---- C:\Users\Bea\AppData\Roaming\calibre
2013-12-24 21:02:29 ----D---- C:\Windows\inf
2013-12-24 20:34:23 ----D---- C:\Windows\System32
2013-12-24 20:34:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-24 15:13:54 ----D---- C:\Program Files (x86)\Calibre2
2013-12-19 22:00:23 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-12-19 19:46:37 ----D---- C:\Program Files (x86)\LastPass
2013-12-19 19:33:43 ----D---- C:\Windows\winsxs
2013-12-19 19:28:31 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-19 19:28:30 ----D---- C:\Program Files\Internet Explorer
2013-12-19 19:14:59 ----D---- C:\Windows\system32\catroot
2013-12-19 16:00:20 ----A---- C:\Windows\system32\acovcnt.exe
2013-12-19 10:07:14 ----D---- C:\Windows\Panther
2013-12-19 10:07:14 ----D---- C:\Windows\Logs
2013-12-17 20:35:39 ----D---- C:\Windows\rescache
2013-12-17 09:01:17 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-12-17 09:01:16 ----D---- C:\Windows\system32\nl-NL
2013-12-17 09:01:12 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-12-17 09:01:12 ----D---- C:\Windows\SYSWOW64\it-IT
2013-12-17 09:01:12 ----D---- C:\Windows\SYSWOW64\he-IL
2013-12-17 09:01:12 ----D---- C:\Windows\SYSWOW64\el-GR
2013-12-17 09:01:11 ----D---- C:\Windows\SYSWOW64\wbem
2013-12-17 09:01:11 ----D---- C:\Windows\SYSWOW64\migration
2013-12-17 09:01:11 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-12-17 09:01:10 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-12-17 09:01:10 ----D---- C:\Windows\SYSWOW64\es-ES
2013-12-17 09:01:10 ----D---- C:\Windows\SYSWOW64\de-DE
2013-12-17 09:01:09 ----D---- C:\Windows\SYSWOW64\en-US
2013-12-17 09:01:04 ----D---- C:\Windows\PolicyDefinitions
2013-12-17 09:01:03 ----D---- C:\Windows\system32\pt-PT
2013-12-17 09:01:03 ----D---- C:\Windows\system32\migration
2013-12-17 09:01:03 ----D---- C:\Windows\system32\it-IT
2013-12-17 09:01:03 ----D---- C:\Windows\system32\he-IL
2013-12-17 09:01:03 ----D---- C:\Windows\system32\fr-FR
2013-12-17 09:01:03 ----D---- C:\Windows\system32\el-GR
2013-12-17 09:01:02 ----D---- C:\Windows\system32\zh-TW
2013-12-17 09:01:02 ----D---- C:\Windows\system32\wbem
2013-12-17 09:01:02 ----D---- C:\Windows\system32\es-ES
2013-12-17 09:01:02 ----D---- C:\Windows\system32\de-DE
2013-12-17 09:01:01 ----D---- C:\Windows\system32\en-US
2013-12-17 08:47:23 ----D---- C:\Windows\system32\MRT
2013-12-17 00:52:08 ----A---- C:\Windows\system32\MRT.exe
2013-12-16 16:07:50 ----D---- C:\ProgramData\IObit
2013-12-12 17:56:51 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-12 17:56:50 ----D---- C:\Program Files\Windows Media Player
2013-12-12 17:56:31 ----D---- C:\Windows\system32\DriverStore
2013-12-12 17:56:29 ----D---- C:\Windows\system32\drivers
2013-12-12 15:53:30 ----D---- C:\ProgramData\Microsoft Help
2013-12-11 11:58:35 ----D---- C:\Users\Bea\AppData\Roaming\Nitro PDF
2013-12-10 23:52:41 ----D---- C:\ProgramData\Spotnet
2013-12-10 23:32:52 ----D---- C:\Program Files (x86)\Spotnet
2013-12-10 22:40:21 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-12-05 35384]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 248240]
R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2013-08-27 244328]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-05-22 17720]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 PfFilter;PfFilter; \??\C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [2013-04-03 39504]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2013-10-03 3884032]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-11-23 3707864]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-08-27 194488]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-29 28704]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-10-03 883928]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-05-20 1799680]
S3 cpuz135;cpuz135; \??\C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [2012-08-11 24368]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 134944]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-10-25 878368]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-17 359552]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-10-16 2151232]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808]
R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool; C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2011-01-12 341312]
R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [2013-03-25 230408]
R2 nlsX86cc;NLS Service; C:\Windows\SysWOW64\NLSSRV32.EXE [2011-01-12 68928]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-23 922912]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-08-27 239176]
R2 wfcs;Windows Firewall Control; C:\Program Files\Windows Firewall Control\wfcs.exe [2013-11-21 75776]
R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe [2013-12-16 247968]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [2009-04-15 271760]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe [2013-12-16 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-02 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10 257416]
S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 fsssvc;Windows Live Family Safety; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-02 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-07-02 1255736]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S4 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-08-27 93072]
