Logfile of random's system information tool 1.10 (written by random/random)
Run by Catlyne Nix at 2015-10-03 13:51:08
Microsoft Windows 10 Home 
System drive C: has 20 GB (4%) free of 463 GB
Total RAM: 3818 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:51:34, on 3/10/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Users\Catlyne Nix\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Catlyne Nix\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\ProgramData\Avg_Update_0915tb\AVG-Secure-Search-Update_0915tb.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Catlyne Nix\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\40.1.6\ScriptHelper.exe
C:\WINDOWS\SysWOW64\WerFault.exe
C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Users\Catlyne Nix\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Catlyne Nix\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Catlyne Nix\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Catlyne Nix\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Catlyne Nix\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Catlyne Nix\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
C:\Users\CATLYN~1\AppData\Local\Temp\clear.fiClient\cabarc.exe
C:\Program Files\trend micro\Catlyne Nix.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1400793315&from=slbnew&uid=WDCXWD5000BPVT-22HXZT3_WD-WXN1A81U0012U0012
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={9DA6692B-139D-4BC0-A72C-CCF8DB4F3B89}&mid=624a76a86cd547cdb87ee929313bc905-0f3fa075aa198932f13973a6bd998ebc4101a7c4&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0915av&pr=fr&d=2015-09-11 11:51:11&v=4.1.6.294&pid=wtu&sg=&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Users\Catlyne Nix\AppData\LocalLow\uTorrentBar_NL\prxtbuTo2.dll (file missing)
F2 - REG:system.ini: UserInit=
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: CrossriderApp0003491 - {11111111-1111-1111-1111-110011341191} - C:\Program Files (x86)\Vid-Saver\Vid-Saver.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Zebar - {26e67fb2-111e-417f-966e-547ac43968cf} - C:\Program Files (x86)\Zebar\Zebarbho.dll (file missing)
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\bh\BabylonToolbar.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: uTorrentBar_NL - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Users\Catlyne Nix\AppData\LocalLow\uTorrentBar_NL\prxtbuTo2.dll (file missing)
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.1.6.294\AVG Web TuneUp.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\OPENSU~1\Iplex\IPLEXT~1.DLL
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarTlbr.dll
O3 - Toolbar: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Users\Catlyne Nix\AppData\LocalLow\uTorrentBar_NL\prxtbuTo2.dll (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
O4 - HKLM\..\Run: [SecureW2 Tray] C:\Program Files (x86)\SecureW2\sw2_tray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Catlyne Nix\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files (x86)\OpenSubtitlesPlayer\ALLUpdate.exe" "sleep"
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Catlyne Nix\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Catlyne Nix\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [BackgroundContainerV2] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Catlyne Nix\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
O4 - HKCU\..\Run: [Spotify] "C:\Users\Catlyne Nix\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Catlyne Nix\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Catlyne Nix\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [AVG-Secure-Search-Update_0915tb] "C:\ProgramData\Avg_Update_0915tb\AVG-Secure-Search-Update_0915tb.exe" /PROMPT /CMPID=0915tb 
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Catlyne Nix\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Catlyne Nix\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Catlyne Nix\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Catlyne Nix\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Catlyne Nix\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Catlyne Nix\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Facebook Messenger.lnk = Catlyne Nix\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dropbox-update-service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox-update-service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc.  - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Service (IePluginService) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginService\PluginService.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater40.1.6 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\ToolbarUpdater.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 20397 bytes

======Listing Processes======




c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-1bf1-796b59ad6854 /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"



winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\atiesrxx.exe
atieclxx
C:\WINDOWS\System32\svchost.exe -k NetworkService
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe"
C:\ProgramData\IePluginService\PluginService.exe -service
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
dashost.exe {dff89557-561f-4454-8b9b252646a3b5d0}
C:\WINDOWS\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
C:\WINDOWS\system32\mqsvc.exe
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\WINDOWS\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
C:\Windows\system32\svchost.exe -k HPService
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\ToolbarUpdater.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted

taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
sihost.exe
C:\ProgramData\Avg_Update_0915tb\AVG-Secure-Search-Update_0915tb.exe --RELAUNCH=1 --CMPID=0915tb
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskeng.exe {6B42B464-BA7E-4E0F-BAB6-E219F28A5B4A}
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE" 
"C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\system32\rstrui.exe"  /RUNONCELAUNCH
"C:\Program Files (x86)\Acer\clear.fi Client\ExtractDeviceIcon.exe"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\WerFault.exe -u -p 1472 -s 1912
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe" 
"C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" -tray
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" 
"C:\Users\Catlyne Nix\AppData\Roaming\Spotify\SpotifyWebHelper.exe" 
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Windows\SysWOW64\rundll32.exe" "C:\Users\Catlyne Nix\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Users\Catlyne Nix\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\ProgramData\Avg_Update_0915tb\AVG-Secure-Search-Update_0915tb.exe" /PROMPT /CMPID=0915tb 
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe" 
"C:\Users\Catlyne Nix\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe" 
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" 
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\Launch Manager\LManager.exe" 
"C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" 
"C:\Program Files (x86)\PowerISO\PWRISOVM.EXE" -startup
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe" 
"fontdrvhost.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" 
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
"C:\Program Files (x86)\SecureW2\sw2_tray.exe" 
"C:\Program Files (x86)\iTunes\iTunesHelper.exe" 
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" 
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
C:\WINDOWS\system32\msfeedssync.exe sync
C:\WINDOWS\system32\rundll32.exe generaltel.dll,RunTelemetryW
ctfmon.exe
 {28D81EB6-1C8C-4395-A792-60BBFD7D6B83}
C:\Windows\System32\InstallAgent.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\40.1.6\ScriptHelper.exe" -Embedding
"C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\40.1.6\ScriptHelper.exe" -Embedding
C:\WINDOWS\SysWOW64\WerFault.exe -u -p 5216 -s 1004
"C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe" --type=renderer --no-sandbox --user-agent="Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" --lang=en-US --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --lang=en-US --uncaught-exception-stack-size=1024 --disable-pepper-3d --disable-accelerated-compositing --disable-accelerated-video-decode --disable-webrtc-hw-encoding --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="7300.1.1668541510\952376962" /prefetch:673131151
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16464_none_116100d161f6ab1d\TiWorker.exe -Embedding
 {51434C2A-5700-42D2-9940-77A096ED629F}
"C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe"
"C:\Users\Catlyne Nix\AppData\Local\Google\Chrome\Application\chrome.exe" http://istart.webssearches.com/?type=sc&ts=1400793315&from=slbnew&uid=WDCXWD5000BPVT-22HXZT3_WD-WXN1A81U0012U0012
"C:\Users\Catlyne Nix\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="8320.0.2028997105\1885458215" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,45 --gpu-vendor-id=0x1002 --gpu-device-id=0x9802 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.200.1062.1004 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files\EgisTec IPS\PMMUpdate.exe"
"C:\Users\Catlyne Nix\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group17 pct:1h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Control/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="8320.2.1762937030\856126119" --font-cache-shared-handle=2760 /prefetch:673131151
"C:\Users\Catlyne Nix\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group17 pct:1h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Control/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="8320.3.1713296963\885678333" --font-cache-shared-handle=3276 /prefetch:673131151
"C:\Users\Catlyne Nix\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group17 pct:1h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Control/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="8320.4.993265543\315829721" --font-cache-shared-handle=3680 /prefetch:673131151
"C:\Users\Catlyne Nix\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group17 pct:1h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Control/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="8320.14.1105657070\1942642467" --font-cache-shared-handle=2836 /prefetch:673131151
C:\WINDOWS\system32\rundll32.exe generaltel.dll,DoCensusRun yIFHyv3bwkibH2sI.3
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe" -background
"C:\Program Files\EgisTec IPS\EgisUpdate.exe" 
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Users\CATLYN~1\AppData\Local\Temp\clear.fiClient\cabarc.exe" -o x C:\ProgramData\Microsoft\Windows\DeviceMetadataStore\en-US\AA874297-ADEA-49b9-A0F9-D2AC67191254.devicemetadata-ms *.ico *.xml C:\Users\CATLYN~1\AppData\Local\Temp\clear.fiClient\
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 592 596 604 8192 600 
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Users\Catlyne Nix\Downloads\RSITx64.exe" 


======Scheduled tasks folder======

C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-1461940035-2626244505-742007032-1001Core.job - C:\Users\Catlyne Nix\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-1461940035-2626244505-742007032-1001UA.job - C:\Users\Catlyne Nix\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1461940035-2626244505-742007032-1001Core.job - C:\Users\Catlyne Nix\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1461940035-2626244505-742007032-1001UA.job - C:\Users\Catlyne Nix\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1461940035-2626244505-742007032-1001Core.job - C:\Users\Catlyne Nix\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1461940035-2626244505-742007032-1001UA.job - C:\Users\Catlyne Nix\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Web TuneUp - C:\Program Files\AVG Web TuneUp\4.1.6.294\AVG Web TuneUp.dll [2015-09-11 2476432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-12-16 725768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011341191}]
Vid-Saver - C:\Program Files (x86)\Vid-Saver\Vid-Saver.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26e67fb2-111e-417f-966e-547ac43968cf}]
Zebar - C:\Program Files (x86)\Zebar\Zebarbho.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
Babylon toolbar helper - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\bh\BabylonToolbar.dll [2012-07-26 245912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87775fdb-6972-41f9-ae51-8326e38cb206}]
uTorrentBar_NL Toolbar - C:\Users\Catlyne Nix\AppData\LocalLow\uTorrentBar_NL\prxtbuTo2.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Web TuneUp - C:\Program Files (x86)\AVG Web TuneUp\4.1.6.294\AVG Web TuneUp.dll [2015-09-11 2426256]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}]
IplexToALLPlayer - C:\PROGRA~2\OPENSU~1\Iplex\IPLEXT~1.DLL [2011-02-09 400384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-12-16 615688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - 
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarTlbr.dll [2012-07-26 268440]
{87775fdb-6972-41f9-ae51-8326e38cb206} - uTorrentBar_NL Toolbar - C:\Users\Catlyne Nix\AppData\LocalLow\uTorrentBar_NL\prxtbuTo2.dll []
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24 13885696]
"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-08-02 1831016]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-08-04 3935912]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Catlyne Nix\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
"ALLUpdate"=C:\Program Files (x86)\OpenSubtitlesPlayer\ALLUpdate.exe [2011-08-17 1064448]
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2012-12-21 1090040]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2013-09-14 59720]
"Facebook Update"=C:\Users\Catlyne Nix\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-19 138096]
"Spotify Web Helper"=C:\Users\Catlyne Nix\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-06-06 2021944]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11 30877280]
"BackgroundContainerV2"=C:\Windows\SysWOW64\Rundll32.exe [2015-07-10 53760]
"Spotify"=C:\Users\Catlyne Nix\AppData\Roaming\Spotify\Spotify.exe [2015-06-06 7323192]
"Dropbox Update"=C:\Users\Catlyne Nix\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-05 134512]
"OneDrive"=C:\Users\Catlyne Nix\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-09-15 405584]
"AVG-Secure-Search-Update_0915tb"=C:\ProgramData\Avg_Update_0915tb\AVG-Secure-Search-Update_0915tb.exe [2015-09-22 2561936]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Catlyne Nix\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"=C:\WINDOWS\system32\cmd.exe [2015-07-10 232448]
"Uninstall C:\Users\Catlyne Nix\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"=C:\WINDOWS\system32\cmd.exe [2015-07-10 232448]
"Uninstall C:\Users\Catlyne Nix\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"=C:\WINDOWS\system32\cmd.exe [2015-07-10 232448]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-09-20 341360]
"Norton Online Backup"=C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2010-06-02 1155928]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"BackupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2012-01-05 296984]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-07-01 1103440]
"ArcadeMovieService"=C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [2011-08-27 177448]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2012-02-09 312376]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]
""= []
"beid"=C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup []
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"Cisco AnyConnect Secure Mobility Agent for Windows"=C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2014-10-16 707472]
"SecureW2 Tray"=C:\Program Files (x86)\SecureW2\sw2_tray.exe [2014-03-24 224600]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2015-08-24 3775912]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-08-03 767176]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2015-08-14 39175960]
"vProt"=C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2015-09-11 3175312]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\Catlyne Nix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Facebook Messenger.lnk - C:\Users\Catlyne Nix\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
OneNote 2007 Schermopname en Snel starten.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-10-03 13:51:10 ----D---- C:\Program Files\trend micro
2015-10-03 13:51:08 ----D---- C:\rsit
2015-09-24 11:00:56 ----D---- C:\WINDOWS\Minidump
2015-09-22 23:01:47 ----D---- C:\ProgramData\Avg_Update_0915tb
2015-09-11 11:51:32 ----D---- C:\ProgramData\AVG Security Toolbar
2015-09-11 11:51:02 ----D---- C:\ProgramData\AVG Secure Search
2015-09-11 11:50:57 ----D---- C:\ProgramData\AVG Web TuneUp
2015-09-11 11:50:57 ----D---- C:\Program Files\AVG Web TuneUp
2015-09-11 11:50:47 ----D---- C:\Program Files (x86)\AVG Web TuneUp
2015-09-09 15:54:33 ----D---- C:\Program Files (x86)\Dropbox
2015-09-09 00:36:24 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-09-09 00:36:13 ----A---- C:\WINDOWS\system32\edgehtml.dll
2015-09-09 00:36:03 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2015-09-09 00:35:45 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-09-09 00:35:33 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-09-09 00:35:28 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-09-09 00:35:20 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-09-09 00:35:20 ----A---- C:\WINDOWS\SYSWOW64\iertutil(6531).dll
2015-09-09 00:35:20 ----A---- C:\WINDOWS\system32\authui.dll
2015-09-09 00:35:19 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 00:35:19 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive(6470).dll
2015-09-09 00:35:17 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2015-09-09 00:35:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2015-09-09 00:35:09 ----A---- C:\WINDOWS\system32\win32kfull.sys
2015-09-09 00:34:45 ----A---- C:\WINDOWS\system32\SettingSync.dll
2015-09-09 00:34:45 ----A---- C:\WINDOWS\system32\jscript.dll
2015-09-09 00:34:44 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-09-09 00:34:44 ----A---- C:\WINDOWS\system32\iertutil(6246).dll
2015-09-09 00:34:43 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2015-09-09 00:34:43 ----A---- C:\WINDOWS\system32\schedsvc.dll
2015-09-09 00:34:42 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-09-09 00:34:41 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-09-09 00:34:40 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2015-09-09 00:34:40 ----A---- C:\WINDOWS\system32\winlogon.exe
2015-09-09 00:34:40 ----A---- C:\WINDOWS\system32\winlogon(6476).exe
2015-09-09 00:34:40 ----A---- C:\WINDOWS\system32\win32kbase.sys
2015-09-09 00:34:40 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-09-09 00:34:40 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2015-09-09 00:34:39 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-09-09 00:34:39 ----A---- C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-09 00:34:39 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-09-09 00:34:38 ----A---- C:\WINDOWS\SYSWOW64\shacct.dll
2015-09-09 00:34:38 ----A---- C:\WINDOWS\system32\shacct.dll
2015-09-09 00:34:38 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-09-09 00:34:36 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-09-09 00:34:36 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-09-08 17:31:53 ----D---- C:\Users\Catlyne Nix\AppData\Roaming\SyncTunesDesktop
2015-09-08 17:31:36 ----D---- C:\Program Files (x86)\The Bit Studio
2015-09-08 17:26:07 ----A---- C:\WINDOWS\system32\drivers\ssudmdm.sys
2015-09-08 17:24:38 ----A---- C:\WINDOWS\system32\drivers\ssudbus.sys
2015-09-06 18:00:19 ----D---- C:\WINDOWS\Panther

======List of files/folders modified in the last 1 month======

2015-10-03 13:51:24 ----D---- C:\WINDOWS\Prefetch
2015-10-03 13:51:10 ----RD---- C:\Program Files
2015-10-03 13:49:12 ----D---- C:\WINDOWS\Temp
2015-10-03 13:39:52 ----D---- C:\WINDOWS\system32\config
2015-10-03 13:39:28 ----D---- C:\WINDOWS\CbsTemp
2015-10-03 13:38:04 ----D---- C:\Users\Catlyne Nix\AppData\Roaming\Dropbox
2015-10-03 13:37:56 ----D---- C:\Users\Catlyne Nix\AppData\Roaming\Spotify
2015-10-03 13:35:23 ----D---- C:\Users\Catlyne Nix\AppData\Roaming\Skype
2015-10-03 13:34:20 ----D---- C:\ProgramData\MFAData
2015-10-03 13:33:34 ----D---- C:\WINDOWS\AppReadiness
2015-10-03 13:31:00 ----D---- C:\WINDOWS\System32
2015-10-03 13:27:18 ----D---- C:\WINDOWS\WinSxS
2015-10-03 13:27:14 ----D---- C:\WINDOWS\system32\wbem
2015-10-03 13:27:14 ----D---- C:\Windows
2015-10-03 13:23:33 ----D---- C:\WINDOWS\Tasks
2015-10-03 13:23:33 ----D---- C:\WINDOWS\system32\Tasks
2015-10-03 13:23:33 ----D---- C:\WINDOWS\system32\sru
2015-10-03 13:23:33 ----D---- C:\WINDOWS\system32\catroot2
2015-10-03 13:23:21 ----D---- C:\WINDOWS\SYSWOW64\wbem
2015-10-03 13:23:21 ----D---- C:\WINDOWS\SysWOW64
2015-10-03 13:23:18 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2015-10-03 13:23:17 ----SD---- C:\WINDOWS\system32\Nui
2015-10-03 13:23:17 ----D---- C:\WINDOWS\system32\oobe
2015-10-03 13:23:17 ----D---- C:\WINDOWS\system32\migration
2015-10-03 13:23:17 ----D---- C:\WINDOWS\system32\MailContactsCalendarSync
2015-10-03 13:23:17 ----D---- C:\WINDOWS\system32\inetsrv
2015-10-03 13:23:16 ----D---- C:\WINDOWS\system32\drivers\UMDF
2015-10-03 13:23:16 ----D---- C:\WINDOWS\system32\drivers
2015-10-03 13:23:15 ----RSD---- C:\WINDOWS\Media
2015-10-03 13:23:15 ----D---- C:\WINDOWS\servicing
2015-10-03 13:23:15 ----D---- C:\WINDOWS\Provisioning
2015-10-03 13:23:15 ----D---- C:\WINDOWS\L2Schemas
2015-10-03 13:23:06 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2015-10-03 13:23:06 ----D---- C:\WINDOWS\INF
2015-10-03 13:23:06 ----D---- C:\WINDOWS\IME
2015-10-03 13:23:06 ----D---- C:\WINDOWS\AppPatch
2015-10-03 13:22:42 ----D---- C:\Program Files\Windows Defender
2015-10-03 13:18:26 ----D---- C:\WINDOWS\SYSWOW64\config
2015-10-03 13:18:22 ----D---- C:\WINDOWS\System
2015-10-03 13:18:19 ----D---- C:\WINDOWS\system32\Sysprep
2015-10-03 13:18:05 ----D---- C:\WINDOWS\system32\drivers\etc
2015-10-03 13:18:05 ----D---- C:\WINDOWS\system32\CodeIntegrity
2015-10-03 13:17:44 ----SHD---- C:\WINDOWS\Installer
2015-10-03 13:15:16 ----HD---- C:\ProgramData
2015-10-03 13:15:16 ----D---- C:\ProgramData\clear.fi
2015-10-03 13:15:16 ----D---- C:\ProgramData\BackupManager
2015-10-03 13:00:36 ----D---- C:\WINDOWS\registration
2015-10-03 12:58:10 ----D---- C:\WINDOWS\Web
2015-10-03 12:58:10 ----D---- C:\WINDOWS\Vss
2015-10-03 12:58:09 ----D---- C:\WINDOWS\SYSWOW64\XPSViewer
2015-10-03 12:58:05 ----D---- C:\WINDOWS\SYSWOW64\winrm
2015-10-03 12:58:04 ----D---- C:\WINDOWS\SYSWOW64\WindowsPowerShell
2015-10-03 12:57:55 ----D---- C:\WINDOWS\SYSWOW64\spp
2015-10-03 12:57:55 ----D---- C:\WINDOWS\SYSWOW64\Speech_OneCore
2015-10-03 12:57:55 ----D---- C:\WINDOWS\SYSWOW64\Speech
2015-10-03 12:57:54 ----D---- C:\WINDOWS\SYSWOW64\slmgr
2015-10-03 12:57:49 ----D---- C:\WINDOWS\SYSWOW64\Printing_Admin_Scripts
2015-10-03 12:57:48 ----D---- C:\WINDOWS\SYSWOW64\oobe
2015-10-03 12:57:45 ----D---- C:\WINDOWS\SYSWOW64\nl-NL
2015-10-03 12:57:44 ----D---- C:\WINDOWS\SYSWOW64\MUI
2015-10-03 12:57:38 ----D---- C:\WINDOWS\SYSWOW64\migration
2015-10-03 12:57:35 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2015-10-03 12:57:34 ----D---- C:\WINDOWS\SYSWOW64\Licenses
2015-10-03 12:57:32 ----D---- C:\WINDOWS\SYSWOW64\InstallShield
2015-10-03 12:57:32 ----D---- C:\WINDOWS\SYSWOW64\InputMethod
2015-10-03 12:57:32 ----D---- C:\WINDOWS\SYSWOW64\inetsrv
2015-10-03 12:57:32 ----D---- C:\WINDOWS\SYSWOW64\IME
2015-10-03 12:57:28 ----SD---- C:\WINDOWS\SYSWOW64\F12
2015-10-03 12:57:25 ----D---- C:\WINDOWS\SYSWOW64\drivers\UMDF
2015-10-03 12:57:25 ----D---- C:\WINDOWS\SYSWOW64\drivers
2015-10-03 12:57:25 ----D---- C:\WINDOWS\SYSWOW64\Dism
2015-10-03 12:57:08 ----D---- C:\WINDOWS\SYSWOW64\Com
2015-10-03 12:57:07 ----D---- C:\WINDOWS\SYSWOW64\BestPractices
2015-10-03 12:57:03 ----D---- C:\WINDOWS\SystemResources
2015-10-03 12:57:02 ----D---- C:\WINDOWS\SystemApps
2015-10-03 12:56:19 ----D---- C:\WINDOWS\system32\winrm
2015-10-03 12:56:16 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2015-10-03 12:55:53 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2015-10-03 12:55:43 ----D---- C:\WINDOWS\system32\spp
2015-10-03 12:55:43 ----D---- C:\WINDOWS\system32\spool
2015-10-03 12:55:42 ----D---- C:\WINDOWS\system32\Speech_OneCore
2015-10-03 12:55:41 ----D---- C:\WINDOWS\system32\Speech
2015-10-03 12:55:40 ----D---- C:\WINDOWS\system32\SMI
2015-10-03 12:55:40 ----D---- C:\WINDOWS\system32\slmgr
2015-10-03 12:55:32 ----D---- C:\WINDOWS\system32\ras
2015-10-03 12:55:30 ----D---- C:\WINDOWS\system32\Printing_Admin_Scripts
2015-10-03 12:55:29 ----D---- C:\WINDOWS\system32\PointOfService
2015-10-03 12:55:20 ----D---- C:\WINDOWS\system32\nl-NL
2015-10-03 12:55:16 ----D---- C:\WINDOWS\system32\MUI
2015-10-03 12:55:08 ----D---- C:\WINDOWS\system32\migwiz
2015-10-03 12:55:07 ----SD---- C:\WINDOWS\system32\Microsoft
2015-10-03 12:55:03 ----D---- C:\WINDOWS\system32\Macromed
2015-10-03 12:55:01 ----D---- C:\WINDOWS\system32\Licenses
2015-10-03 12:54:57 ----D---- C:\WINDOWS\system32\InputMethod
2015-10-03 12:54:55 ----D---- C:\WINDOWS\system32\IME
2015-10-03 12:54:46 ----SD---- C:\WINDOWS\system32\F12
2015-10-03 12:54:39 ----SD---- C:\WINDOWS\system32\dsc
2015-10-03 12:54:38 ----D---- C:\WINDOWS\system32\DriverStore
2015-10-03 12:54:26 ----D---- C:\WINDOWS\system32\Dism
2015-10-03 12:54:25 ----SD---- C:\WINDOWS\system32\DiagSvcs
2015-10-03 12:54:17 ----D---- C:\WINDOWS\system32\Com
2015-10-03 12:54:14 ----D---- C:\WINDOWS\system32\CatRoot
2015-10-03 12:54:11 ----D---- C:\WINDOWS\system32\Boot
2015-10-03 12:54:10 ----D---- C:\WINDOWS\system32\BestPractices
2015-10-03 12:54:01 ----D---- C:\WINDOWS\Speech_OneCore
2015-10-03 12:54:01 ----D---- C:\WINDOWS\Speech
2015-10-03 12:54:01 ----D---- C:\WINDOWS\SKB
2015-10-03 12:54:01 ----D---- C:\WINDOWS\Setup
2015-10-03 12:53:56 ----D---- C:\WINDOWS\ServiceProfiles
2015-10-03 12:53:56 ----D---- C:\WINDOWS\security
2015-10-03 12:53:56 ----D---- C:\WINDOWS\schemas
2015-10-03 12:53:55 ----RD---- C:\WINDOWS\PurchaseDialog
2015-10-03 12:53:55 ----D---- C:\WINDOWS\Resources
2015-10-03 12:53:55 ----D---- C:\WINDOWS\rescache
2015-10-03 12:53:54 ----RD---- C:\WINDOWS\PrintDialog
2015-10-03 12:53:54 ----RD---- C:\WINDOWS\MiracastView
2015-10-03 12:53:54 ----D---- C:\WINDOWS\PolicyDefinitions
2015-10-03 12:53:54 ----D---- C:\WINDOWS\PLA
2015-10-03 12:53:54 ----D---- C:\WINDOWS\Performance
2015-10-03 12:53:54 ----D---- C:\WINDOWS\OCR
2015-10-03 12:53:53 ----D---- C:\WINDOWS\Migration
2015-10-03 12:53:43 ----D---- C:\WINDOWS\Microsoft.NET
2015-10-03 12:53:31 ----D---- C:\WINDOWS\InputMethod
2015-10-03 12:53:18 ----D---- C:\WINDOWS\Help
2015-10-03 12:53:18 ----D---- C:\WINDOWS\Globalization
2015-10-03 12:53:16 ----RD---- C:\WINDOWS\DevicesFlow
2015-10-03 12:53:16 ----RD---- C:\WINDOWS\DesktopTileResources
2015-10-03 12:53:16 ----D---- C:\WINDOWS\diagnostics
2015-10-03 12:53:16 ----D---- C:\WINDOWS\Branding
2015-10-03 12:53:15 ----D---- C:\WINDOWS\Boot
2015-10-03 12:52:53 ----RD---- C:\WINDOWS\assembly
2015-10-03 12:52:20 ----RD---- C:\Users
2015-10-03 12:52:20 ----D---- C:\WINDOWS\appcompat
2015-10-03 12:52:12 ----SD---- C:\Users\Catlyne Nix\AppData\Roaming\Microsoft
2015-10-03 12:45:36 ----D---- C:\ProgramData\Package Cache
2015-10-03 12:45:21 ----SD---- C:\ProgramData\Microsoft
2015-10-03 12:45:02 ----SD---- C:\Program Files\WindowsPowerShell
2015-10-03 12:45:00 ----HD---- C:\Program Files\WindowsApps
2015-10-03 12:42:25 ----SHD---- C:\Program Files\Windows Sidebar
2015-10-03 12:42:25 ----D---- C:\Program Files\Windows Photo Viewer
2015-10-03 12:42:25 ----D---- C:\Program Files\Windows NT
2015-10-03 12:42:25 ----D---- C:\Program Files\Windows Media Player
2015-10-03 12:42:25 ----D---- C:\Program Files\Windows Mail
2015-10-03 12:42:24 ----D---- C:\Program Files\Windows Journal
2015-10-03 12:42:23 ----D---- C:\Program Files\Synaptics
2015-10-03 12:42:23 ----D---- C:\Program Files\Reference Assemblies
2015-10-03 12:42:23 ----D---- C:\Program Files\Realtek
2015-10-03 12:42:23 ----D---- C:\Program Files\MSBuild
2015-10-03 12:42:22 ----D---- C:\Program Files\Microsoft Games
2015-10-03 12:42:22 ----D---- C:\Program Files\Internet Explorer
2015-10-03 12:42:22 ----D---- C:\Program Files\Common Files\System
2015-10-03 12:42:22 ----D---- C:\Program Files\Common Files\SpeechEngines
2015-10-03 12:42:22 ----D---- C:\Program Files\Common Files\microsoft shared
2015-10-03 12:42:22 ----D---- C:\Program Files\Common Files
2015-10-03 12:42:19 ----SHD---- C:\Program Files (x86)\Windows Sidebar
2015-10-03 12:42:19 ----SD---- C:\Program Files (x86)\WindowsPowerShell
2015-10-03 12:42:19 ----RD---- C:\Program Files (x86)
2015-10-03 12:42:19 ----D---- C:\Program Files\ATI Technologies
2015-10-03 12:42:19 ----D---- C:\Program Files\AMD
2015-10-03 12:42:19 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2015-10-03 12:42:19 ----D---- C:\Program Files (x86)\Windows NT
2015-10-03 12:42:19 ----D---- C:\Program Files (x86)\Windows Media Player
2015-10-03 12:42:18 ----D---- C:\Program Files (x86)\Windows Mail
2015-10-03 12:42:18 ----D---- C:\Program Files (x86)\Windows Defender
2015-10-03 12:42:18 ----D---- C:\Program Files (x86)\Reference Assemblies
2015-10-03 12:42:18 ----D---- C:\Program Files (x86)\MSBuild
2015-10-03 12:42:18 ----D---- C:\Program Files (x86)\Microsoft.NET
2015-10-03 12:42:17 ----D---- C:\Program Files (x86)\Internet Explorer
2015-10-03 12:42:07 ----D---- C:\Program Files (x86)\Common Files
2015-10-03 12:42:00 ----D---- C:\Program Files (x86)\ATI Technologies
2015-10-03 12:41:59 ----D---- C:\AMD
2015-10-03 01:36:13 ----D---- C:\WINDOWS\system32\NDF
2015-10-02 00:52:07 ----D---- C:\ProgramData\SoftwareDistribution
2015-10-02 00:21:17 ----SHD---- C:\System Volume Information
2015-09-29 21:49:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-28 14:11:24 ----HD---- C:\Config.Msi
2015-09-20 15:29:30 ----D---- C:\Users\Catlyne Nix\AppData\Roaming\uTorrent
2015-09-15 18:12:10 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-09-11 11:51:27 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-09-11 06:18:11 ----D---- C:\WINDOWS\system32\appraiser
2015-09-11 00:26:40 ----D---- C:\Program Files (x86)\ibVPN
2015-09-11 00:07:32 ----D---- C:\ProgramData\Microsoft Help
2015-09-09 14:32:55 ----D---- C:\WINDOWS\system32\MRT
2015-09-06 22:11:17 ----D---- C:\Windows.old

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\WINDOWS\system32\DRIVERS\avgidsha.sys [2015-08-19 297904]
R0 Avgloga;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avgloga.sys [2015-05-07 378336]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx64.sys [2015-08-04 250800]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx64.sys [2015-03-20 40928]
R1 Avgdiska;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiska.sys [2015-03-11 162784]
R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdrivera.sys [2015-08-19 313264]
R1 Avgldx64;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx64.sys [2015-06-16 259040]
R1 Avgwfpa;AVG Firewall Driver; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [2015-08-04 304560]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-07-10 8192]
R1 mwlPSDFilter;mwlPSDFilter; C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys [2011-11-03 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys [2011-11-03 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys [2011-11-03 62776]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2012-02-09 125376]
R2 hmip;hmip; \??\C:\Windows\system32\Drivers\hmip64.sys [2013-06-19 30056]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-07-10 61952]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-08-21 21632992]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-08-21 673776]
R3 athr;@oem18.inf,%ATHR.Service.DispName%;Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athrx.sys [2011-06-02 2750464]
R3 AtiHDAudioService;@oem37.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2015-05-28 102912]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-06-24 4504320]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2015-07-10 129224]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2015-08-04 175104]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-09-20 18432]
R3 RSUSBSTOR;@oem9.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2010-12-01 250984]
R3 SynTP;@oem41.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2015-08-04 606376]
R3 tap0901;@oem6.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\System32\drivers\tap0901.sys [2013-08-22 40664]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\WINDOWS\system32\DRIVERS\avgboota.sys [2015-03-27 21152]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-07-10 40288]
S1 HssDRV6;Hotspot Shield Routing Driver 6; C:\WINDOWS\system32\DRIVERS\hssdrv6.sys [2012-07-24 41704]
S3 acsock;acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [2014-10-16 112496]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-07-10 32256]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-07-10 116736]
S3 dg_ssudbus;@oem12.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2015-09-08 108800]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 31232]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-07-17 934752]
S3 rtux64w10;@rtux64w10.inf,%Rtlunic.Service.DispName%;Realtek USB FE/GbE NIC Family Windows 10 64bit Driver; C:\WINDOWS\System32\drivers\rtux64w10.sys [2015-07-10 159744]
S3 ssudmdm;@oem26.inf,%ssud.Service.Name%;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2015-09-08 206080]
S3 taphss;Anchorfree HSS Adapter; C:\WINDOWS\system32\DRIVERS\taphss.sys [2012-01-05 37888]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-08-21 255472]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2015-08-03 344064]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2015-08-24 3637160]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2015-08-24 335656]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-07-01 353360]
R2 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-08-02 872552]
R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\WINDOWS\syswow64\svchost.exe [2015-07-10 35176]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R2 IePluginService;IePlugin Service; C:\ProgramData\IePluginService\PluginService.exe [2014-04-11 705136]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2015-08-04 26112]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2015-07-10 39856]
R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-06-02 2804568]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2012-01-05 256536]
R2 OneSyncSvc_Session1;Host synchroniseren_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-04-12 624856]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2015-07-10 39856]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-08-04 237736]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-11 247968]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\syswow64\svchost.exe [2015-07-10 35176]
R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 PimIndexMaintenanceSvc_Session1;Contact Data_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-11 193696]
S2 dbupdate;Dropbox-update-service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-09 136048]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
S2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 dbupdatem;Dropbox-update-service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-09 136048]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-11-27 655624]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-17 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\lsass.exe [2015-07-10 56344]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-07-12 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-07-10 50352]

-----------------EOF-----------------