Zoek.exe v5.0.0.0 Updated 27-09-2014
Tool run by Mario on ma 29-09-2014 at 11:13:53,37.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode
Internet Access Detected
Launched: C:\Users\Mario\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

29-9-2014 11:15:30 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\ASUS deleted successfully
C:\Users\Mario\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
C:\Users\Mario\Desktop\zoek.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
C:\WINDOWS\SysWOW64\cmd.exe

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\5mhslyv8.default-1409655398802
user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 3);
---- FireFox user.js and prefs.js backups ----
prefs_29-09-2014_1121_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\SopCast deleted
C:\Users\Mario\AppData\Roaming\ParetoLogic deleted
C:\Users\Mario\AppData\Roaming\DriverCure deleted
C:\PROGRA~3\ParetoLogic deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted
C:\WINDOWS\SysWow64\AI_RecycleBin deleted
C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\5mhslyv8.default-1409655398802\extensions\firefoxdav@icloud.com deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 8070 MB
CPU Info: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
CPU Speed: 2396,7 MHz
Sound Card: Speakers (Realtek High Definiti |
Display Adapters: Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | NVIDIA GeForce GT 635M
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1536 X 864 - 32 bit
Network: Network Present
Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Bluetooth-apparaat (Personal Area Network) | Qualcomm Atheros AR9485WB-EG Wireless Network Adapter | Realtek PCIe GBE
Family-controller
CD / DVD Drives: 2x (E: | F: | ) E: Slimtype DVD A | F: DTSOFT BDROM
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C: 371,8GB | D: 537,6GB
Hard Disks - Free: C: 308,6GB | D: 378,6GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | | _ASUS_ - 1072009
Time Zone: West-Europa (standaardtijd)
Motherboard *: ASUSTeK COMPUTER INC. K95VJ
Country: Nederland
Language: NLD

==== System Specs (Software) ======================

Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: ESET Smart Security 7.0 disabled (Outdated)
Firewall: ESET Persoonlijke firewall disabled
Default Browser: Firefox 32.0.3
Internet Explorer Version: 11.0.9600.17278
Mozilla Firefox version: 32.0.3 (x86 nl)
Adobe Reader version: 10.0.0.396
Flash Player version: 15.0.0.152

==== Files Recently Created / Modified ======================

==== Startup
Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3883851844-1244325048-1555827988-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"

[HKEY_USERS\S-1-5-21-3883851844-1244325048-1555827988-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WAB Migrate"="%ProgramFiles%\Windows Mail\wab.exe /Upgrade"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"CanonSolutionMenuEx"="C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\WINDOWS\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"AuditSHD"="C:\windows\system32\oobe\auditshd.exe"
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice"
"Classic Start Menu"="C:\Program Files\Classic Shell\ClassicStartMenu.exe -autorun"
"Eraser"="C:\PROGRA~1\Eraser\Eraser.exe --atRestart"
"CDAServer"="C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll,C:\\WINDOWS\\system32\\nvinitx.dll"

==== Startup Folders ======================

2014-08-30 12:47:22 1187 ----a-w- C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09-09-2014 20:48]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\AutoPico Daily Restart" ["C:\Program Files\KMSpico\AutoPico.exe"]
"C:\WINDOWS\SysNative\tasks\BtTray" [C:\Program]
"C:\WINDOWS\SysNative\tasks\BtvStack" [C:\Program]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\ParetoLogic Registration3" [C:\WINDOWS\system32\rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns]
"C:\WINDOWS\SysNative\tasks\ParetoLogic Update Version3" [C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{B91E7C22-77CA-4BCC-80D4-207FEE063DB7}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"magicplayer@torrentstream.org"="C:\Users\Mario\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org" [03-09-2014 22:17]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\5mhslyv8.default-1409655398802
- TS Magic Player - C:\Users\Mario\AppData\Roaming\TorrentStream\extensions\firefox\magicplayer@torrentstream.org
- New Tab Homepage - %ProfilePath%\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\5mhslyv8.default-1409655398802
DFC9460CC37E5C414DC4680B10C19E7A - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
60B64FCCE4860BA26211ED9A2CEFB982 - C:\Users\Mario\AppData\Roaming\TorrentStream\player\npts.dll - Torrent Stream P2P Multimedia Plug-in

==== Chromium Look ======================

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
ochbjojkpcmlfeagbaahkofepalngihg - C:\Users\Mario\AppData\Roaming\TorrentStream\extensions\chrome\magicplayer.crx[12-10-2012 14:18]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams]
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKUS\S-1-5-21-3883851844-1244325048-1555827988-1001\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'UpdatusUser') O4 - Startup: Verzenden naar OneNote.lnk = C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://www.samsungsetup.com O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft 
Office\Office15\MSOSB.DLL O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. 
- C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - 
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Mario\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Mario\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied 
successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=156 folders=85 22173579 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Mario\AppData\Local\Temp will be emptied at reboot C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Mario\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on ma 29-09-2014 at 11:26:04,96 ======================