Logfile of random's system information tool 1.10 (written by random/random)
Run by Gebruiker at 2016-11-21 20:57:28
Microsoft Windows 7 Home Premium  Service Pack 1
System drive C: has 180 GB (75%) free of 238 GB
Total RAM: 16304 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:57:29, on 21-11-2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Users\Gebruiker\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Gyazo\GyStation.exe
C:\Program Files (x86)\Hotkey\Hotkey.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\trend micro\Gebruiker.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKCU\..\Run: [f.lux] "C:\Users\Gebruiker\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2410021377-519346482-55981817-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2410021377-519346482-55981817-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Hotkey.lnk = C:\Program Files (x86)\Hotkey\Hotkey.exe
O4 - Global Startup: Killer Network Manager.lnk = ?
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PowerBiosServer - Unknown owner - C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Qualcomm Atheros Killer Service V2 - Qualcomm Atheros - C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8087 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\HitmanPro\hmpsched.exe"
C:\Windows\system32\svchost.exe -k NetworkService
winlogon.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Hotkey\PowerBiosServer.exe"
"C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\viakaraokesrv.exe
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\igfxtray.exe" 
"C:\Windows\System32\hkcmd.exe" 
"C:\Windows\System32\igfxpers.exe" 
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Program Files\Elantech\ETDCtrl.exe" 
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files\iTunes\iTunesHelper.exe" 
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Users\Gebruiker\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" 
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe" 
"C:\Program Files (x86)\Gyazo\GyStation.exe" 
"C:\Program Files (x86)\Hotkey\Hotkey.exe" 
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" 
"C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe" -minimize
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" 
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" 
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=54.0.2840.99 --handshake-handle=0x7c
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteEvaluatorGroup/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/SSLPostQuantum/disabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_55/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,15,16,17,20,34,51,60 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.18.10.3257 --gpu-driver-date=7-29-2013 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x1292 --mojo-application-channel-token=B56EC2A3C51E352BF0CD97AA8BB129E3 --mojo-platform-channel-handle=1096 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteEvaluatorGroup/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_55/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=7FA6058F2166C7C6FE0880C11FC7943B --lang=nl --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=7FA6058F2166C7C6FE0880C11FC7943B --channel="4604.2.190350649\724112815" --mojo-platform-channel-handle=2920 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteEvaluatorGroup/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_55/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=B53B22A4A08E0CEDD0368BDC3B8E26FD --lang=nl --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=B53B22A4A08E0CEDD0368BDC3B8E26FD --channel="4604.4.325954345\895144834" --mojo-platform-channel-handle=3768 /prefetch:1
"c:\Program Files\Microsoft Security Client\MpCmdRun.exe" SignatureUpdate -ScheduleJob -RestrictPrivileges -Reinvoke
"c:\Program Files\Microsoft Security Client\MpCmdRun.exe" SignaturesUpdateService -ScheduleJob -UnmanagedUpdate
\??\C:\Windows\system32\conhost.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteEvaluatorGroup/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_55/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=67B829C3E033992713C43EEA0C7C276B --lang=nl --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=67B829C3E033992713C43EEA0C7C276B --channel="4604.16.2096715840\523715901" --mojo-platform-channel-handle=2644 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MaterialDesignUserManager<MaterialDesignUserManager,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteEvaluatorGroup/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_55/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=6647154AD7E22C12A490BF346D4E71B5 --lang=nl --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=6647154AD7E22C12A490BF346D4E71B5 --channel="4604.20.1703188573\1443963993" --mojo-platform-channel-handle=2920 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Windows\system32\SearchFilterHost.exe" 0 536 540 548 65536 544 
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Gebruiker\Desktop\RSITx64.exe" 

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c 
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 

=========Mozilla firefox=========

ProfilePath - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\sgbs2t6y.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-09-06 165872]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-09-06 407536]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-09-06 444400]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-09-07 2871632]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2013-05-10 5675184]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2016-11-01 176440]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2016-01-29 1340192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"f.lux"=C:\Users\Gebruiker\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-23 1017224]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2016-10-18 7943072]
"Gyazo"=C:\Program Files (x86)\Gyazo\GyStation.exe [2016-11-10 5077280]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2013-04-26 292848]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Hotkey.lnk - C:\Program Files (x86)\Hotkey\Hotkey.exe
Killer Network Manager.lnk - C:\Windows\Installer\{42CD22A9-1451-4CF7-8781-AB27257FC347}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-07-29 441344]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-11-21 19:01:01 ----D---- C:\7df41b50df7f583b39d2e46d94e9
2016-11-20 21:34:50 ----A---- C:\Windows\ntbtlog.txt
2016-11-20 13:29:17 ----D---- C:\Program Files\trend micro
2016-11-20 13:29:16 ----D---- C:\rsit
2016-11-20 13:24:37 ----D---- C:\Program Files\HitmanPro
2016-11-20 13:24:15 ----D---- C:\ProgramData\HitmanPro
2016-11-20 04:25:58 ----D---- C:\876cb40e3d273166e14b679eddd47e4d
2016-11-19 22:04:10 ----D---- C:\Users\Gebruiker\AppData\Roaming\Gyazo
2016-11-19 22:03:40 ----D---- C:\Program Files (x86)\Gyazo
2016-11-19 15:37:55 ----D---- C:\Users\Gebruiker\AppData\Roaming\Mozilla
2016-11-19 15:37:49 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-19 15:37:48 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-11-18 04:11:25 ----D---- C:\Users\Gebruiker\AppData\Roaming\vlc
2016-11-18 04:07:37 ----D---- C:\Program Files (x86)\VideoLAN
2016-11-18 04:02:23 ----D---- C:\Users\Gebruiker\AppData\Roaming\uTorrent
2016-11-17 03:16:24 ----D---- C:\Program Files (x86)\Microsoft Security Client
2016-11-17 03:16:23 ----D---- C:\Program Files\Microsoft Security Client
2016-11-17 01:49:41 ----D---- C:\Users\Gebruiker\AppData\Roaming\Apple Computer
2016-11-17 01:49:37 ----D---- C:\Program Files\iPod
2016-11-17 01:49:36 ----D---- C:\ProgramData\Apple Computer
2016-11-17 01:49:36 ----D---- C:\Program Files\iTunes
2016-11-17 01:48:20 ----D---- C:\Program Files (x86)\Apple Software Update
2016-11-17 01:48:16 ----D---- C:\Program Files\Bonjour
2016-11-17 01:48:16 ----D---- C:\Program Files (x86)\Bonjour
2016-11-17 01:48:13 ----D---- C:\Program Files\Common Files\Apple
2016-11-17 01:48:08 ----D---- C:\ProgramData\Apple
2016-11-17 01:41:39 ----D---- C:\Users\Gebruiker\AppData\Roaming\SUPERAntiSpyware.com
2016-11-17 01:41:24 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2016-11-17 01:41:24 ----D---- C:\Program Files\SUPERAntiSpyware
2016-11-17 01:40:49 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-11-17 01:40:06 ----D---- C:\ProgramData\Malwarebytes
2016-11-17 01:40:06 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-17 01:40:06 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-11-17 01:40:06 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2016-11-17 01:40:06 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-11-17 01:35:05 ----A---- C:\Windows\system32\wups2.dll
2016-11-17 01:35:05 ----A---- C:\Windows\system32\wucltux.dll
2016-11-17 01:35:05 ----A---- C:\Windows\system32\wuaueng.dll
2016-11-17 01:35:05 ----A---- C:\Windows\system32\wuauclt.exe
2016-11-17 01:35:03 ----D---- C:\Program Files (x86)\Google
2016-11-17 01:35:03 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-11-17 01:35:03 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-11-17 01:35:03 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-11-17 01:35:03 ----A---- C:\Windows\system32\wups.dll
2016-11-17 01:35:03 ----A---- C:\Windows\system32\wudriver.dll
2016-11-17 01:35:03 ----A---- C:\Windows\system32\wuapi.dll
2016-11-17 01:35:02 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-11-17 01:35:02 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-11-17 01:35:02 ----A---- C:\Windows\system32\wuwebv.dll
2016-11-17 01:35:02 ----A---- C:\Windows\system32\wuapp.exe
2016-11-17 01:31:59 ----D---- C:\Windows\SYSWOW64\NV
2016-11-17 01:31:59 ----D---- C:\Windows\system32\NV
2016-11-17 01:31:17 ----D---- C:\ProgramData\Qualcomm
2016-11-17 01:31:06 ----D---- C:\Program Files\Qualcomm Atheros
2016-11-17 01:31:06 ----D---- C:\Program Files\Cisco
2016-11-17 01:30:57 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-11-17 01:29:52 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-11-17 01:29:30 ----D---- C:\ProgramData\Downloaded Installations
2016-11-17 01:24:19 ----D---- C:\Windows\system32\SRSLabs
2016-11-17 01:24:19 ----D---- C:\Program Files\VIA
2016-11-17 01:24:18 ----A---- C:\Windows\SYSWOW64\VMTHX32.DLL
2016-11-17 01:24:18 ----A---- C:\Windows\SYSWOW64\VMAPO32.DLL
2016-11-17 01:24:18 ----A---- C:\Windows\SYSWOW64\VMAPO232.DLL
2016-11-17 01:24:18 ----A---- C:\Windows\system32\WavesGUILib64.dll
2016-11-17 01:24:18 ----A---- C:\Windows\system32\VtSrdAPO.dll
2016-11-17 01:24:18 ----A---- C:\Windows\system32\VMWRP64.DLL
2016-11-17 01:24:18 ----A---- C:\Windows\system32\VMTHX64.DLL
2016-11-17 01:24:18 ----A---- C:\Windows\system32\VMPPLD64.DLL
2016-11-17 01:24:18 ----A---- C:\Windows\system32\VMPPCN64.DLL
2016-11-17 01:24:18 ----A---- C:\Windows\system32\VMAPO64.DLL
2016-11-17 01:24:18 ----A---- C:\Windows\system32\VMAPO264.DLL
2016-11-17 01:24:18 ----A---- C:\Windows\system32\VIASysFx.dll
2016-11-17 01:24:18 ----A---- C:\Windows\system32\VIAPropPageExt.dll
2016-11-17 01:24:18 ----A---- C:\Windows\system32\ViaMicArrayPropPageExt.dll
2016-11-17 01:24:18 ----A---- C:\Windows\system32\ViaMicArrayAPO.dll
2016-11-17 01:24:18 ----A---- C:\Windows\system32\ViakaraokeSrv.exe
2016-11-17 01:24:18 ----A---- C:\Windows\system32\ViaKaraokePropPageExt.dll
2016-11-17 01:24:18 ----A---- C:\Windows\system32\ViaKaraokeApo.dll
2016-11-17 01:24:18 ----A---- C:\Windows\system32\PropPageExt.dll
2016-11-17 01:24:18 ----A---- C:\Windows\system32\nQPropPageExt.dll
2016-11-17 01:24:18 ----A---- C:\Windows\system32\nQAPO.dll
2016-11-17 01:24:18 ----A---- C:\Windows\system32\MaxxAudioVIA64.dll
2016-11-17 01:24:18 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2016-11-17 01:24:18 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2016-11-17 01:24:18 ----A---- C:\Windows\system32\EEL64A.dll
2016-11-17 01:24:18 ----A---- C:\Windows\system32\EEG64H.dll
2016-11-17 01:24:18 ----A---- C:\Windows\system32\EEG64A.dll
2016-11-17 01:24:18 ----A---- C:\Windows\system32\EED64H.dll
2016-11-17 01:24:18 ----A---- C:\Windows\system32\EED64A.dll
2016-11-17 01:24:18 ----A---- C:\Windows\system32\EEA64H.dll
2016-11-17 01:24:18 ----A---- C:\Windows\system32\EEA64A.dll
2016-11-17 01:24:18 ----A---- C:\Windows\system32\Dts2PropPageExt.dll
2016-11-17 01:24:18 ----A---- C:\Windows\system32\Dts2APO.dll
2016-11-17 01:24:18 ----A---- C:\Windows\system32\drivers\VMfilt64.sys
2016-11-17 01:24:18 ----A---- C:\Windows\system32\drivers\viahduaa.sys
2016-11-17 01:24:17 ----A---- C:\Windows\system32\EEP64H.dll
2016-11-17 01:24:17 ----A---- C:\Windows\system32\EEL64H.dll
2016-11-17 01:23:44 ----N---- C:\Windows\difxapi.dll
2016-11-17 01:23:44 ----D---- C:\Program Files (x86)\VIA
2016-11-17 01:23:15 ----RA---- C:\Windows\system32\drivers\IntelMEFWVer.dll
2016-11-17 01:23:11 ----D---- C:\ProgramData\Intel
2016-11-17 01:21:55 ----A---- C:\Windows\system32\drivers\iusb3hcs.sys
2016-11-17 01:21:49 ----A---- C:\Windows\system32\drivers\iusb3xhc.sys
2016-11-17 01:21:49 ----A---- C:\Windows\system32\drivers\iusb3hub.sys
2016-11-17 01:21:11 ----D---- C:\Program Files (x86)\Hotkey
2016-11-17 01:20:38 ----D---- C:\Program Files\Elantech
2016-11-17 01:20:36 ----A---- C:\Windows\system32\drivers\ETD.sys
2016-11-17 01:18:52 ----D---- C:\Windows\SYSWOW64\sda
2016-11-17 01:18:51 ----A---- C:\Windows\SYSWOW64\RtsBaStorIcon.dll
2016-11-17 01:18:47 ----RA---- C:\Windows\system32\drivers\RtsBaStor.sys
2016-11-17 01:18:02 ----A---- C:\Windows\system32\RTNUninst64.dll
2016-11-17 01:18:02 ----A---- C:\Windows\system32\RtNicProp64.dll
2016-11-17 01:18:00 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-11-17 01:17:54 ----D---- C:\Program Files (x86)\Realtek
2016-11-17 01:17:53 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-11-17 01:17:08 ----D---- C:\ProgramData\NVIDIA
2016-11-17 01:17:07 ----SHD---- C:\Windows\Installer
2016-11-17 01:17:07 ----D---- C:\Program Files (x86)\AGEIA Technologies
2016-11-17 01:17:05 ----A---- C:\Windows\system32\nvvsvc.exe
2016-11-17 01:17:05 ----A---- C:\Windows\system32\nvsvcr.dll
2016-11-17 01:17:05 ----A---- C:\Windows\system32\nvsvc64.dll
2016-11-17 01:17:05 ----A---- C:\Windows\system32\nvshext.dll
2016-11-17 01:17:05 ----A---- C:\Windows\system32\nvmctray.dll
2016-11-17 01:17:05 ----A---- C:\Windows\system32\nvcpl.dll
2016-11-17 01:17:05 ----A---- C:\Windows\system32\nv3dappshextr.dll
2016-11-17 01:17:05 ----A---- C:\Windows\system32\nv3dappshext.dll
2016-11-17 01:16:57 ----D---- C:\ProgramData\NVIDIA Corporation
2016-11-17 01:16:56 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-11-17 01:16:54 ----A---- C:\Windows\system32\nvdispgenco6431154.dll
2016-11-17 01:16:54 ----A---- C:\Windows\system32\nvdispco6431154.dll
2016-11-17 01:16:43 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2016-11-17 01:16:42 ----A---- C:\Windows\system32\nvwgf2umx.dll
2016-11-17 01:16:41 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2016-11-17 01:16:41 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2016-11-17 01:16:41 ----A---- C:\Windows\system32\nvumdshimx.dll
2016-11-17 01:16:41 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2016-11-17 01:16:40 ----A---- C:\Windows\system32\nvopencl.dll
2016-11-17 01:16:38 ----A---- C:\Windows\system32\nvoglv64.dll
2016-11-17 01:16:37 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2016-11-17 01:16:35 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2016-11-17 01:16:35 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2016-11-17 01:16:35 ----A---- C:\Windows\system32\nvinitx.dll
2016-11-17 01:16:35 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2016-11-17 01:16:35 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2016-11-17 01:16:33 ----A---- C:\Windows\system32\nvd3dumx.dll
2016-11-17 01:16:31 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2016-11-17 01:16:31 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2016-11-17 01:16:31 ----A---- C:\Windows\system32\nvcuvid.dll
2016-11-17 01:16:30 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2016-11-17 01:16:30 ----A---- C:\Windows\system32\nvcuvenc.dll
2016-11-17 01:16:29 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2016-11-17 01:16:28 ----A---- C:\Windows\system32\nvcuda.dll
2016-11-17 01:16:14 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2016-11-17 01:16:12 ----A---- C:\Windows\system32\nvcompiler.dll
2016-11-17 01:16:11 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2016-11-17 01:16:11 ----A---- C:\Windows\system32\nvapi64.dll
2016-11-17 01:15:45 ----D---- C:\Program Files\NVIDIA Corporation
2016-11-17 01:14:45 ----A---- C:\Windows\SYSWOW64\OpenCL.DLL
2016-11-17 01:14:45 ----A---- C:\Windows\system32\OpenCL.DLL
2016-11-17 01:14:44 ----D---- C:\Program Files\Intel
2016-11-17 01:12:21 ----RA---- C:\Windows\SYSWOW64\CSVer.dll
2016-11-17 01:12:21 ----D---- C:\Program Files (x86)\Intel
2016-11-17 01:11:31 ----D---- C:\Intel
2016-11-17 00:59:20 ----D---- C:\Users\Gebruiker\AppData\Roaming\Identities
2016-11-17 00:59:17 ----SD---- C:\Users\Gebruiker\AppData\Roaming\Microsoft
2016-11-17 00:59:17 ----D---- C:\Users\Gebruiker\AppData\Roaming\Media Center Programs
2016-11-17 00:59:15 ----SHD---- C:\Recovery
2016-11-17 00:59:15 ----SHD---- C:\ProgramData\Sjablonen
2016-11-17 00:59:15 ----SHD---- C:\ProgramData\Menu Start
2016-11-17 00:59:15 ----SHD---- C:\ProgramData\Favorieten
2016-11-17 00:59:15 ----SHD---- C:\ProgramData\Documenten
2016-11-17 00:59:15 ----SHD---- C:\ProgramData\Bureaublad
2016-11-17 00:59:13 ----D---- C:\Windows\SoftwareDistribution
2016-11-17 00:55:39 ----D---- C:\Windows\Prefetch
2016-11-17 00:55:37 ----ASH---- C:\pagefile.sys
2016-11-17 00:55:32 ----ASH---- C:\hiberfil.sys
2016-11-17 00:54:48 ----SHD---- C:\System Volume Information
2016-11-17 00:53:35 ----D---- C:\Windows\Panther

======List of files/folders modified in the last 1 month======

2016-11-21 20:57:09 ----D---- C:\Windows\Temp
2016-11-21 20:13:18 ----D---- C:\Windows\system32\config
2016-11-21 20:06:00 ----D---- C:\Windows\System32
2016-11-21 20:06:00 ----D---- C:\Windows\inf
2016-11-21 20:06:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-11-21 20:02:26 ----D---- C:\Windows\system32\drivers
2016-11-21 19:30:01 ----D---- C:\Windows
2016-11-20 21:41:23 ----D---- C:\Windows\winsxs
2016-11-20 21:31:56 ----D---- C:\Windows\SYSWOW64\nl-NL
2016-11-20 21:31:56 ----D---- C:\Windows\SysWOW64
2016-11-20 21:31:56 ----D---- C:\Windows\system32\nl-NL
2016-11-20 13:29:17 ----RD---- C:\Program Files
2016-11-20 13:24:15 ----HD---- C:\ProgramData
2016-11-20 04:06:44 ----D---- C:\Windows\system32\catroot
2016-11-20 04:06:40 ----D---- C:\Windows\system32\catroot2
2016-11-19 22:03:43 ----D---- C:\Windows\system32\Tasks
2016-11-19 22:03:40 ----RD---- C:\Program Files (x86)
2016-11-17 21:03:36 ----D---- C:\Windows\Microsoft.NET
2016-11-17 21:03:35 ----RSD---- C:\Windows\assembly
2016-11-17 13:32:15 ----D---- C:\Windows\system32\wdi
2016-11-17 03:16:24 ----SD---- C:\ProgramData\Microsoft
2016-11-17 01:48:20 ----D---- C:\Windows\system32\DriverStore
2016-11-17 01:48:13 ----D---- C:\Program Files\Common Files
2016-11-17 01:48:08 ----D---- C:\Program Files (x86)\Common Files
2016-11-17 01:46:29 ----D---- C:\Windows\system32\drivers\UMDF
2016-11-17 01:35:03 ----D---- C:\Windows\Tasks
2016-11-17 01:29:52 ----D---- C:\Windows\SYSWOW64\en-US
2016-11-17 01:29:52 ----D---- C:\Windows\system32\en-US
2016-11-17 01:29:40 ----D---- C:\Windows\Logs
2016-11-17 01:25:52 ----D---- C:\Windows\system32\NDF
2016-11-17 01:23:08 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-11-17 01:17:50 ----D---- C:\Windows\system32\restore
2016-11-17 01:17:08 ----RD---- C:\Users
2016-11-17 01:17:05 ----D---- C:\Windows\Help
2016-11-17 01:07:08 ----D---- C:\Windows\system32\CodeIntegrity
2016-11-17 00:59:19 ----SHD---- C:\$Recycle.Bin
2016-11-17 00:59:15 ----D---- C:\Program Files\Windows NT
2016-11-17 00:57:36 ----D---- C:\Windows\rescache
2016-11-17 00:57:35 ----D---- C:\Windows\debug
2016-11-17 00:56:24 ----D---- C:\Windows\system32\sysprep

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iusb3hcs;Intel(R) USB 3.0 hostcontrollerswitch-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-04-26 20464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-11-13 289120]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-04-15 30496]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 BfLwf;Qualcomm Atheros Bandwidth Control; C:\Windows\system32\DRIVERS\bflwfx64.sys [2013-02-13 67888]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Ak27x64;Killer Wireless-N 1102 device driver; C:\Windows\system32\DRIVERS\Ak27x64.sys [2013-05-30 3932880]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-09-07 318800]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-07-29 4448192]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-07-29 452088]
R3 iusb3hub;Intel(R) USB 3.0 hub-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-04-26 368112]
R3 iusb3xhc;Intel(R) USB 3.0 uitbreidbare hostcontroller-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-04-26 786416]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2016-11-21 192216]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-07-17 64624]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-11-13 133816]
R3 RSBASTOR;Realtek PCIE CardReader Driver - BA; C:\Windows\system32\DRIVERS\RtsBaStor.sys [2012-12-07 302224]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-12-27 805088]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2013-05-10 2211528]
R3 VMfilt;VMfilt; C:\Windows\system32\drivers\VMfilt64.sys [2009-07-31 25600]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2016-03-28 54784]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-09-22 83768]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 HitmanProScheduler;HitmanPro Scheduler; C:\Program Files\HitmanPro\hmpsched.exe [2016-11-20 135496]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-11-15 2468496]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-11 733696]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-07-17 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-07-17 366552]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-01-29 23808]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-04-14 884512]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-04-15 1260320]
R2 PowerBiosServer;PowerBiosServer; C:\Program Files (x86)\Hotkey\PowerBiosServer.exe [2013-05-29 46592]
R2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [2013-06-26 341504]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2012-12-11 27768]
R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2016-11-01 651576]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2016-01-29 374344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-17 153752]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-09-06 279024]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-17 153752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-11 822232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-11-05 172488]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------