Zoek.exe v5.0.0.0 Updated 29-11-2014 Tool run by Marnick on 26/01/2015 at 15:36:03.09. Microsoft Windows 8.1 Pro 6.3.9600 x64 Running in: Normal Mode No Internet Access Detected Launched: C:\Users\Marnick\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 26/01/2015 15:38:28 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Setup deleted successfully C:\PROGRA~2\VideoLAN deleted successfully C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully C:\Program Files\Blender Foundation deleted successfully C:\PROGRA~3\Roaming deleted successfully C:\Users\Marnick\AppData\Roaming\DesktopPwrMgr deleted successfully C:\Users\Marnick\AppData\Roaming\Intel deleted successfully C:\Users\Marnick\AppData\Roaming\JAM Software deleted successfully C:\Users\Marnick\AppData\Local\CutePDF Writer deleted successfully C:\Users\Marnick\AppData\Local\RefSrcSymbols deleted successfully C:\Users\Marnick\AppData\Local\SymbolSourceSymbols deleted successfully C:\Users\Marnick\AppData\Local\TSVNCache deleted successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Tools for .Net 3.5 ?? Visual Studio 2013 ? Microsoft ???????? ?????????? Microsoft Report Viewer ??? Visual Studio 2013 7-Zip 9.20 (x64 edition) 7+ Taskbar Tweaker v4.5.6 Adobe AIR Adobe Flash Player 16 NPAPI Age of Mythology: Extended Edition AnalogX MaxMem AOMEI Backupper Standard Edition 2.1.0 Audacity 2.0.5 AutoHotkey 1.0.48.05 Avast Free Antivirus Avidemux 2.6 - 64bits AzureTools.Notifications Behaviors SDK (Windows Phone) for Visual Studio 2013 Behaviors SDK (Windows) for Visual Studio 2013 BleachBit Blend for Visual Studio 2013 Blend for Visual Studio 2013 ENU resources Blend for Visual Studio SDK for .NET 4.5 Blend for Visual Studio SDK for Silverlight 5 Blend for Visual Studio SDK for Windows Phone 8.0 blueMSX Borderlands 2 Build Tools - amd64 Build Tools - x86 Build Tools Language Resources - amd64 Build Tools Language Resources - x86 Classic Shell Complemento do Microsoft Report Viewer para Visual Studio 2013 Complemento Microsoft Report Viewer para Visual Studio 2013 Compon. agg. Microsoft Report Viewer per Visual Studio 2013 CrystalDiskInfo 6.1.14 CrystalDiskMark 3.0.3b CutePDF Writer 3.0 Defraggler Dotfuscator and Analytics Community Edition Dropbox Entity Framework 6.1.0 Tools for Visual Studio 2013 Ethervane Echo 1.1.3.128 Euro Truck Simulator 2 Eusing Free Registry Cleaner Everything 1.3.4.686 (x64) Exact Audio Copy 1.0beta3 Factorio version 0.10.12 FastStone Photo Resizer 3.3 FFmpeg v0.6.2 for Audacity FileMenu Tools Find+Run Robot 2.213.01 foobar2000 v1.3.7 FreeFileSync 6.12 Freemake Audio Converter version 1.1.0 Freemake Video Converter version 4.1.4 GIMP 2.8.10 Git version 1.9.4-preview20140929 Gpg4win (2.2.1) GridMove V1.19.62 GTK2-Runtime GTK2-Themes Haskell Platform 2014.2.0.0 Heaven Benchmark version 4.0 HostsMan 4.4.101 HxD Hex Editor version 1.7.7.0 iCopy IIS 8.0 Express IIS Express Application Compatibility Database for x64 IIS Express Application Compatibility Database for x86 ImDisk Virtual Disk Driver ImgBurn Inkscape 0.91pre3 Integrated Camera Intel(R) Processor Graphics Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology IntelliJ IDEA 13.1.4 Java 8 Update 31 Java 8 Update 31 (64-bit) Java Auto Updater Java SE Development Kit 8 Update 25 Java SE Development Kit 8 Update 25 (64-bit) JetBrains ReSharper 8.2.1 JPEGmini KC Softwares DUMo KC Softwares SUMo KMSpico v9.2.3 Kodi LAME v3.99.3 (for Windows) LAV Filters 0.62.0 Lenovo Patch Utility Lenovo Patch Utility 64 bit Lenovo Power Management Driver Light 35.0 (x86 en-US) LocalESPC LocalESPC Dev12 LocalESPCui for en-us LocalESPCui for en-us Dev12 LoiLo Game Recorder Machete Lite 4.2 Malwarebytes Anti-Malware version 2.0.4.1028 Media Preview MediaInfo 0.7.69 MemInfo (remove only) Memory Profiler Metric Collection SDK Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft .NET Framework 4.5.1 Multi-Targeting Pack Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (ENU) Microsoft .NET Framework 4.5.1 SDK Microsoft .NET Framework 4.5.2 Multi-Targeting Pack Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) Microsoft Advertising SDK for Windows 8.1 - ENU Microsoft Advertising SDK for Windows Phone - ENU Microsoft Advertising SDK for Windows Phone 8.1 XAML - ENU Microsoft Advertising Service Extension for Visual Studio Microsoft Application Error Reporting Microsoft ASP.NET and Web Tools 2013.2 - Visual Studio 2013 Microsoft ASP.NET MVC 3 Microsoft ASP.NET MVC 4 - Visual Studio 2013 - ENU Microsoft ASP.NET MVC 4 Runtime Microsoft ASP.NET Web Frameworks and Tools - Visual Studio 2013 - ENU Microsoft ASP.NET Web Pages Microsoft ASP.NET Web Pages 2 - Visual Studio 2013 - ENU Microsoft ASP.NET Web Pages 2 Runtime Microsoft C++ Azure Mobile SDK for Visual Studio 2013 Microsoft C++ REST SDK for Visual Studio 2013 Microsoft Exchange Web Services Managed API 2.1 Microsoft Expression Blend SDK for .NET 4 Microsoft Help Viewer 2.0 Microsoft Help Viewer 2.1 Microsoft Identity Extensions Microsoft LightSwitch for Visual Studio 2013 Core Microsoft LightSwitch for Visual Studio 2013 CoreRes - ENU Microsoft LightSwitch for Visual Studio 2013 v4.5 Tools Microsoft LightSwitch for Visual Studio 2013 v4.5 ToolsRes - ENU Microsoft LightSwitch v4.5 SDK Microsoft NuGet - Visual Studio 2013 Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64) - ENU Language Pack Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64) Microsoft Office Developer Tools for Visual Studio Microsoft Office Developer Tools for Visual Studio ENU Language Pack Microsoft Portable Library Multi-Targeting Pack Microsoft Portable Library Multi-Targeting Pack Language Pack - chs Microsoft Portable Library Multi-Targeting Pack Language Pack - cht Microsoft Portable Library Multi-Targeting Pack Language Pack - csy Microsoft Portable Library Multi-Targeting Pack Language Pack - deu Microsoft Portable Library Multi-Targeting Pack Language Pack - enu Microsoft Portable Library Multi-Targeting Pack Language Pack - esn Microsoft Portable Library Multi-Targeting Pack Language Pack - fra Microsoft Portable Library Multi-Targeting Pack Language Pack - ita Microsoft Portable Library Multi-Targeting Pack Language Pack - jpn Microsoft Portable Library Multi-Targeting Pack Language Pack - kor Microsoft Portable Library Multi-Targeting Pack Language Pack - plk Microsoft Portable Library Multi-Targeting Pack Language Pack - ptb Microsoft Portable Library Multi-Targeting Pack Language Pack - rus Microsoft Portable Library Multi-Targeting Pack Language Pack - trk Microsoft Report Viewer 2012 Runtime Microsoft Report Viewer Add-On for Visual Studio 2013 Microsoft Report Viewer Add-On fr Visual Studio 2013 Microsoft SharePoint 2013 Developer Tools for Visual Studio 2012 Nuget Package Microsoft SQL Server 2008 Setup Support Files Microsoft SQL Server 2012 (64-bit) Microsoft SQL Server 2012 Native Client Microsoft SQL Server 2012 RsFx Driver Microsoft SQL Server 2012 Setup (English) Microsoft SQL Server 2012 T-SQL Language Service Microsoft SQL Server 2012 Transact-SQL Compiler Service Microsoft SQL Server 2012 Transact-SQL ScriptDom Microsoft Team Foundation Server 2013 Update 2 Object Model (x64) Microsoft Team Foundation Server 2013 Update 2 Object Model Language Pack (x64) - ENU Microsoft Visual C++ ARM Libraries Microsoft Visual C++ x64-arm Cross Compilers - ENU Resources Microsoft Visual C++ x64-arm Cross Compilers Microsoft Visual C++ x64-x86 Cross Compilers - ENU Resources Microsoft Visual C++ x64-x86 Cross Compilers Microsoft Visual C++ x64 Libraries Microsoft Visual C++ x64 Native Compilers - ENU Resources Microsoft Visual C++ x64 Native Compilers Microsoft Visual C++ x86 Libraries Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 Microsoft Visual C++ 2012 32bit Compilers - ENU Resources Microsoft Visual C++ 2012 Compilers - ENU Resources Microsoft Visual C++ 2012 Compilers Microsoft Visual C++ 2012 Compilers For Windows Phone - ENU Resources Microsoft Visual C++ 2012 Compilers For Windows Phone Microsoft Visual C++ 2012 Core Libraries Microsoft Visual C++ 2012 Core Libraries For Windows Phone Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.60610 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86-x64 Compilers Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.60610 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2013 x64 Designtime - 12.0.21005 Microsoft Visual C++ 2013 32bit Compilers - ENU Resources Microsoft Visual C++ 2013 Compilers - ENU Resources Microsoft Visual C++ 2013 Compilers Microsoft Visual C++ 2013 Core Libraries Microsoft Visual C++ 2013 Extended Libraries Microsoft Visual C++ 2013 Microsoft Foundation Class Libraries Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86-x64 Compilers Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Microsoft Visual Studio 2010 Shell (Isolated) - ENU Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2013 Devenv Microsoft Visual Studio 2013 Devenv Resources Microsoft Visual Studio 2013 Diagnostic Tools - amd64 Microsoft Visual Studio 2013 Diagnostic Tools - x86 Microsoft Visual Studio 2013 IntelliTrace (x64) Microsoft Visual Studio 2013 IntelliTrace (x86) Microsoft Visual Studio 2013 IntelliTrace Front End Microsoft Visual Studio 2013 Performance Collection Tools - ENU Microsoft Visual Studio 2013 Performance Collection Tools Microsoft Visual Studio 2013 Preparation Microsoft Visual Studio 2013 Profiling Tools Microsoft Visual Studio 2013 Shell (Minimum) Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies Microsoft Visual Studio 2013 Shell (Minimum) Resources Microsoft Visual Studio 2013 Team Explorer Language Pack - ENU Microsoft Visual Studio 2013 VsGraphics Helper Dependencies Microsoft Visual Studio 2013 XAML UI Designer - ENU Microsoft Visual Studio 2013 XAML UI Designer Microsoft Visual Studio Premium 2013 - ENU Microsoft Visual Studio Premium 2013 Microsoft Visual Studio Professional 2013 - ENU Microsoft Visual Studio Professional 2013 Microsoft Visual Studio Team Foundation Server 2012 Object Model Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU Microsoft Visual Studio Team Foundation Server 2013 Storyboarding (x64) Microsoft Visual Studio Team Foundation Server 2013 Storyboarding Language Pack (x64) - ENU Microsoft Visual Studio Ultimate 2013 - ENU Microsoft Visual Studio Ultimate 2013 Microsoft VSS Writer for SQL Server 2012 Microsoft Web Deploy 3.5 Microsoft Web Deploy dbSqlPackage Provider - enu Microsoft Web Platform Installer 5.0 MiniBin 6.6.0.0 Module Microsoft Report Viewer pour Visual Studio˙2013 Mozilla Firefox 35.0 (x86 en-US) Mozilla Maintenance Service Mozilla Thunderbird 31.4.0 (x86 en-US) Mp3tag v2.64 MPC-BE 1.4.2.4752 MyDefrag v4.3.1 Node.js Notepad++ NVIDIA Control Panel 344.75 NVIDIA Graphics Driver 344.75 NVIDIA Install Application NVIDIA Network Service NVIDIA Optimus Update 16.13.65 NVIDIA PhysX NVIDIA PhysX System Software 9.14.0702 NVIDIA Update Core Open XML SDK 2.5 for Microsoft Office OpenOffice 4.1.1 Oracle VM VirtualBox 4.3.20 Pale Moon 25.1.0 (x64 en-US) Password Safe Performance Monitor 4.x Pidgin PNGGauntlet POP Peeper PreEmptive Analytics Visual Studio Components Process Tamer 2.11.01 Project 64 version 2.1.0.1 puush Python 2.7.8 Python Tools Redirection Template Q-Dir qBittorrent 3.2.0.0 QuiteRSS version 0.16.0 Rainmeter Rapid Environment Editor version 8.0.0.920 Realtek Card Reader ReClock Recuva RedshiftGUI Rise of Nations: Extended Edition SharePoint Client Components Shrink O'Matic SkypeT 6.21 SMPlayer 14.9.0 Sniper Elite V2 Source SDK Base 2013 Multiplayer SourceGear DiffMerge 4.2.0.697.stable (x64) Space Engineers Space Engineers Toolbox Spec Ops: The Line Speccy SQL Server 2012 Common Files SQL Server 2012 Database Engine Services SQL Server 2012 Database Engine Shared SQL Server 2012 Management Studio SQL Server Browser for SQL Server 2012 Sql Server Customer Experience Improvement Program SSDlife Pro Star Wars - Battlefront II Stealth Bastard Deluxe Steam Strike Suit Zero SumatraPDF Synaptics WBF DDK 5011 Team Explorer for Microsoft Visual Studio 2013 TeamSpeak 3 Client The Elder Scrolls V: Skyrim ThinkPad Hotkey Features Integration Setup ThinkPad UltraNav Driver ThinkVantage Active Protection System TortoiseSVN 1.8.8.25755 (64 bit) TrackMania Nations Forever Trillian TypeScript Power Tool TypeScript Tools for Microsoft Visual Studio 2013 UK's Kalender 2.4.2 Ultra Defragmenter Unchecky v0.3.6 Unlocker 1.9.2 Update for (KB2504637) Update for Microsoft Visual Studio 2013 (KB2932965) UxStyle VBCABLE-A, The Virtual Audio Cable VBCABLE-B, The Virtual Audio Cable VeraCrypt VirtuaWin Unicode v4.4 Visual F# 3.1 SDK Visual F# 3.1 VS Visual Studio 2010 Prerequisites - English Visual Studio 2012 Verification SDK Visual Studio 2013 ? Microsoft Report Viewer ???? Visual Studio 2013 Prerequisites - ENU Language Pack Visual Studio 2013 Prerequisites Visual Studio 2013 Update 2 (KB2829760) Visual Studio 2013? Microsoft Report Viewer ?? ?? Visual Studio Extensions for Windows Library for JavaScript VisualSVN 4.0.10 Voicemeeter, The Virtual Mixing Console VS Update core components WCF Data Services 5.6.0 Runtime WCF Data Services Tools for Microsoft Visual Studio 2013 WCF RIA Services V1.0 SP2 WinCDEmu WinDirStat 1.1.2 Windows 8 Development Essentials Windows App Certification Kit Native Components Windows App Certification Kit x64 Windows Azure Mobile Services SDK Windows Azure Mobile Services Tools for Visual Studio - v1.1 Windows Azure Shared Components for Microsoft Visual Studio 2013 - v1.1 Windows Azure Tools for LightSwitch for Visual Studio 2013 - March 2014 Update - v2.2 Windows Azure Tools for LightSwitch for Visual Studio 2013 - v2.1 Windows Phone 8.0 Emulation Host Windows Phone 8.0 Managed SDK Profiler (ARM) Windows Phone 8.0 Managed SDK Profiler (X86) Windows Phone 8.0 Tools for Visual Studio 2013 - ENU Language Pack Windows Phone 8.0 Tools for Visual Studio 2013 Windows Phone 8.1 SDK - ARM Windows Phone 8.1 SDK - Desktop Windows Phone 8.1 SDK - x64 Windows Phone 8.1 SDK - x86 Windows Phone 8.1 Tools for Visual Studio 2013 - ENU Windows Phone 8.1 Tools for Visual Studio 2013 Windows Phone 8.1 Tools for Visual Studio Professional 2013 - ENU Windows Phone 8.1 Tools for Visual Studio Professional 2013 Windows Phone SDK 8.0 Assemblies Windows Runtime Intellisense Content - en-us Windows Software Development Kit Windows Software Development Kit DirectX x64 Remote Windows Software Development Kit DirectX x86 Remote Windows Software Development Kit for Windows Store Apps Windows Software Development Kit for Windows Store Apps DirectX x64 Remote Windows Software Development Kit for Windows Store Apps DirectX x86 Remote Windows XP Targeting with C++ WizMouse v1.7.0.3 Workflow Manager Client 1.0 Workflow Manager Tools 1.0 for Visual Studio World of Tanks XCOM: Enemy Unknown XnViewMP 0.72 ==== Running Processes ====================== C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe C:\Windows\SysWOW64\svchost.exe C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe C:\Program Files (x86)\Tor\tor.exe C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\WizMouse\wizmouse.exe C:\Program Files (x86)\Puush\puush.exe C:\Program Files (x86)\QuiteRSS\QuiteRSS.exe C:\Program Files (x86)\RedshiftGUI\redshiftgui.exe C:\Program Files (x86)\POP Peeper\POPPeeper.exe C:\Program Files (x86)\Kalender\Kalender.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Tools\DiskLED\Disk0\DiskLED.exe C:\Tools\DiskLED\Disk1\DiskLED.exe C:\Program Files (x86)\Ethervane\Echo\ethervaneecho.exe C:\Program Files (x86)\Find And Run Robot\FindAndRunRobot.exe C:\Program Files (x86)\AutoHotkey\AutoHotkey.exe C:\Program Files (x86)\Minibin\MiniBin.exe C:\Users\Marnick\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Gridmove\GridMove.exe C:\Program Files (x86)\Processtamer\ProcessTamerTray.exe C:\Program Files\AVAST Software\Avast\avastui.exe C:\Program Files (x86)\AnalogX\Maxmem\maxmem.exe C:\Program Files (x86)\Trillian\trillian.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Marnick\AppData\Roaming\Light\Light\Profiles\gtgemjca.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_012015_1552_.backup ProfilePath: C:\Users\Marnick\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\6g3hud0z.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_012015_1552_.backup ProfilePath: C:\Users\Marnick\AppData\Roaming\Mozilla\Firefox\Profiles\9ypke8r8.default user.js not found ---- Lines finder removed from prefs.js ---- user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"add-ons-button\",\"developer-button\",\"preferences-button\",\"wi user_pref("extensions.findbartweak.hideWhenFinderHidden", true); ---- FireFox user.js and prefs.js backups ---- prefs_012015_1552_.backup ProfilePath: C:\Users\Marnick\AppData\Roaming\Thunderbird\Profiles\9ypke8r8.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_012015_1552_.backup ==== Deleting Files \ Folders ====================== C:\Users\Marnick\AppData\Roaming\redshiftg.ini deleted C:\PROGRA~3\Package Cache deleted C:\Users\Marnick\AppData\Local\CrashRpt deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Users\Public\Documents\ShopperPro deleted C:\Windows\wininit.ini deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\gpt.ini deleted C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted C:\Users\Marnick\AppData\Roaming\Mozilla\Firefox\Profiles\9ypke8r8.default\jetpack deleted C:\Users\Marnick\Desktop\Continue 8oot-Logo-Changer Downloader Installation.lnk deleted "C:\Users\Marnick\AppData\Roaming\a8b79894d703aacd75441217597a28a42" deleted ==== System Specs ====================== Operating System: Microsoft Windows 8.1 Pro 6.3.9600 64-bit Manufacturer: LENOVO - Model: 688529G Install Date: 28/06/2014 08:34:04 Last Boot: 26/01/2015 15:16:20 Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz Number of Processors: 4 Work Station Bootmode: Normal boot Total RAM: 7757 MB (free 5791 MB - 74) Computername: LENO Domain: WORKGROUP User: Marnick (Non-Administrator account) Local Disk: C:\ - NTFS - 59 GB (free 9 GB) Local Disk: D:\ - NTFS - 168 GB (free 10 GB) Local Disk: E:\ - NTFS - 299 GB (free 9 GB) Local Disk: F:\ - NTFS - 165 GB (free 14 GB) Local Disk: X:\ - NTFS - 0 GB (free 0 GB) Bootdevice: \Device\HarddiskVolume1 Windows update: Country: United Kingdom Language: ENG ==== System Specs (Software) ====================== Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: avast! Antivirus disabled (Outdated) Default Browser: Firefox 35.0 Internet Explorer Version: 11.0.9600.17498 Mozilla Firefox version: 35.0 (x86 en-US) Sun Java version: 1.8.0_31 (32-bit) Sun Java version: 1.8.0_31 (64-bit) Flash Player version: 16.0.0.296 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2015-01-24 23:25:49 B59EF013D567E5746F1DEE2565F747ED 43152 ----a-w- C:\Windows\avastSS.scr ====== E:\Temp\System ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-01-24 03:55:21 4FF6EC425BB58B1604792A7B29A30AE3 106976 ----a-w- C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-24 03:55:21 27145A60EEC798CB2437731F8504D293 714720 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-01-23 01:15:03 13D186FA6F19823C598335443CE233BC 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-01-16 05:40:51 D9F17FC61102D89A67A2AA3DD21231F5 33584 ----a-w- C:\Windows\SysWOW64\WerFaultSecure.exe 2015-01-16 05:40:51 1F9C1925A85C6CC592C2FF612A610412 372408 ----a-w- C:\Windows\SysWOW64\Faultrep.dll 2015-01-16 05:40:51 1EB1C1E43C1901865C5AE34A9771C069 448792 ----a-w- C:\Windows\SysWOW64\wer.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-01-24 23:25:50 6663B30328C239D2AB10D2583054CF2E 364512 ----a-w- C:\Windows\Sysnative\aswBoot.exe 2015-01-23 01:14:58 BD6CF5354EAE95D6C2807E6DAE79D3FF 111016 ----a-w- C:\Windows\Sysnative\WindowsAccessBridge-64.dll 2015-01-16 05:40:51 FE11972797DED38CA55E88BD3579F6A2 360448 ----a-w- C:\Windows\Sysnative\ncsi.dll 2015-01-16 05:40:51 E94EB2A95D7D016E119C4D6868788831 391680 ----a-w- C:\Windows\Sysnative\nlasvc.dll 2015-01-16 05:40:51 A41B72F81B389786805CC4D5767B5FBC 531616 ----a-w- C:\Windows\Sysnative\ci.dll 2015-01-16 05:40:51 9404704666256045F5BA9B290953B4D0 38264 ----a-w- C:\Windows\Sysnative\WerFaultSecure.exe 2015-01-16 05:40:51 8EBC741DDE9409038262E2F317ED7CCE 535640 ----a-w- C:\Windows\Sysnative\wer.dll 2015-01-16 05:40:51 8779FDAE68BC948B0FE152E758CC8DA7 229888 ----a-w- C:\Windows\Sysnative\AudioEndpointBuilder.dll 2015-01-16 05:40:51 41C501FD9D42F3F04A8532C73E09F356 108944 ----a-w- C:\Windows\Sysnative\EncDump.dll 2015-01-16 05:40:51 2C354FA91EF605007FD11BB89EED2266 413248 ----a-w- C:\Windows\Sysnative\Faultrep.dll 2015-01-16 05:40:51 29A888F3136B2643E22113B5422B46F9 87040 ----a-w- C:\Windows\Sysnative\TSWbPrxy.exe 2015-01-16 05:40:51 19424364D8C03B990C4281BE53963FD0 225280 ----a-w- C:\Windows\Sysnative\profsvc.dll ====== C:\Windows\Sysnative\drivers ===== 2015-01-24 23:25:56 E74FD717476B30E23F45354B8F3ACB30 1050432 ----a-w- C:\Windows\Sysnative\drivers\aswsnx.sys 2015-01-24 23:25:56 DE13ACC4B3EA66B4FBED7CF322807C90 87912 ----a-w- C:\Windows\Sysnative\drivers\aswmonflt.sys 2015-01-24 23:25:50 B1881A01E301990B671694CA1623F1B6 436624 ----a-w- C:\Windows\Sysnative\drivers\aswSP.sys 2015-01-24 23:25:50 9BE9F2B83DE80E2752B1405CC427E2EC 29208 ----a-w- C:\Windows\Sysnative\drivers\aswHwid.sys 2015-01-24 23:25:50 7509F07BA6F84C1E3B2C0D78A1F6F782 116728 ----a-w- C:\Windows\Sysnative\drivers\aswStm.sys 2015-01-24 23:25:50 4750016EF9CC1DEC6DA3FE5AF9A7F095 93568 ----a-w- C:\Windows\Sysnative\drivers\aswRdr2.sys 2015-01-24 23:25:50 1A5BDDE65B648DC3AD48B6ECAA3AE9C8 267632 ----a-w- C:\Windows\Sysnative\drivers\aswVmm.sys 2015-01-24 23:25:50 1323269A92645705DEFA053F3596829D 65776 ----a-w- C:\Windows\Sysnative\drivers\aswRvrt.sys 2015-01-16 05:40:51 F0CB6DB513CAC393D04A0FCE0A59E1BF 75776 ----a-w- C:\Windows\Sysnative\drivers\ahcache.sys 2015-01-16 05:40:51 DB32958F0E704EFBF7F15161A569E39F 140800 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys 2015-01-04 03:32:55 9CE6A62FB6ADC5D375B7169F6F93B2C1 192344 ----a-w- C:\Windows\Sysnative\drivers\veracrypt.sys ====== C:\Windows\Tasks ====== 2015-01-25 22:09:53 13A8714C3286203E539CEF79EAD6A2F0 3976 ----a-w- C:\Windows\Sysnative\Tasks\SSDlife 2015-01-24 23:25:53 DA8C94377B3CD36A72FE598C994DE861 4182 ----a-w- C:\Windows\Sysnative\Tasks\avast! Emergency Update 2015-01-24 07:18:05 3F32CC828E8D554D94703D66BD99BA34 3102 ----a-w- C:\Windows\Sysnative\Tasks\Process Explorer 2015-01-24 07:14:35 A4665C3B135FCF6B078B9B51947A9B46 3016 ----a-w- C:\Windows\Sysnative\Tasks\IMDisk ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-01-25 13:17:07 -------- d-----w- C:\Program Files\trend micro 2015-01-25 03:18:08 -------- d-----w- C:\Program Files\UltraDefrag 2015-01-25 03:17:46 -------- d-----w- C:\Program Files\MyDefrag v4.3.1 2015-01-12 05:44:03 -------- d-----w- C:\Program Files\Classic Shell 2015-01-04 03:33:37 -------- d-----w- C:\Program Files\VeraCrypt 2015-01-04 03:05:30 -------- d-----w- C:\Program Files\Pale Moon 2015-01-02 00:20:56 -------- d-----w- C:\Program Files\Inkscape ======= C:\PROGRA~2 ===== 2015-01-25 22:07:35 -------- d-----w- C:\PROGRA~2\BinarySense 2015-01-25 01:08:17 -------- d-----w- C:\PROGRA~2\MacheteSoft 2015-01-24 23:08:40 -------- d-----w- C:\PROGRA~2\Eusing Free Registry Cleaner 2015-01-23 01:14:55 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2015-01-19 20:46:37 -------- d-----w- C:\PROGRA~2\AutoHotkey 2015-01-16 00:28:05 -------- d-----w- C:\PROGRA~2\Light 2015-01-12 03:31:01 -------- d-----w- C:\PROGRA~2\WinDirStat 2015-01-05 19:14:20 -------- d-----w- C:\PROGRA~2\VirtuaWin 2015-01-04 03:16:38 -------- d-----w- C:\PROGRA~2\Google 2015-01-01 17:35:06 -------- d-----w- C:\PROGRA~2\Kodi 2014-12-31 23:50:43 -------- d-----w- C:\PROGRA~2\PerfMon4x ======= C: ===== 2015-01-24 11:22:08 0123CA06A937087E761F23F45BD0ACEF 1024 ---ha-w- C:\SYSTAG.BIN ====== C:\Users\Marnick\AppData\Roaming ====== 2015-01-26 08:17:47 40DA6AD7D51D5B982D790BAEDEADCAFF 4337960 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat 2015-01-25 01:08:21 -------- d-----w- C:\Users\Marnick\AppData\Roaming\Machete Lite 2015-01-24 23:08:42 -------- d-----w- C:\Users\Marnick\AppData\Roaming\Eusing 2015-01-24 23:08:40 -------- d-----w- C:\Users\Marnick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner 2015-01-24 22:18:23 -------- d-----w- C:\Users\Marnick\AppData\Local\Programs 2015-01-24 21:55:51 3DFA39F464729618984FE6E74B1A2C7A 83968 ----a-w- C:\Users\Marnick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-01-16 00:28:14 -------- d-----w- C:\Users\Marnick\AppData\Local\Light 2015-01-12 14:16:34 -------- d-----w- C:\Users\Marnick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7+ Taskbar Tweaker 2015-01-12 14:16:34 -------- d-----w- C:\Users\Marnick\AppData\Roaming\7+ Taskbar Tweaker 2015-01-12 05:44:18 -------- d-----w- C:\Users\Marnick\AppData\Roaming\ClassicShell 2015-01-12 03:31:01 -------- d-----w- C:\Users\Marnick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat 2015-01-07 19:33:46 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\QuickScan 2015-01-07 19:33:46 -------- d-----w- C:\Users\Marnick\AppData\Roaming\QuickScan 2015-01-06 22:52:55 -------- d-----w- C:\Users\Marnick\AppData\Roaming\Microsoft FxCop 2015-01-05 19:14:25 -------- d-----w- C:\Users\Marnick\AppData\Roaming\VirtuaWin 2015-01-04 03:33:45 -------- d-----w- C:\Users\Marnick\AppData\Roaming\VeraCrypt 2015-01-04 03:16:38 -------- d-----w- C:\Users\Marnick\AppData\Local\Google 2015-01-04 03:05:36 -------- d-----w- C:\Users\Marnick\AppData\Local\Moonchild Productions 2015-01-04 02:25:01 9CB88BEDDC792C953F7FA8CA2DCFD870 600 ----a-w- C:\Users\Marnick\AppData\Local\PUTTY.RND 2015-01-02 00:21:09 -------- d-----w- C:\Users\Marnick\AppData\Roaming\inkscape 2015-01-01 17:35:22 -------- d-----w- C:\Users\Marnick\AppData\Roaming\Kodi 2015-01-01 17:35:18 -------- d-----w- C:\Users\Marnick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi ====== C:\Users\Marnick ====== 2015-01-26 14:18:30 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices 2015-01-25 22:07:48 -------- d-----w- C:\ProgramData\Licenses 2015-01-25 22:07:48 -------- d-----w- C:\ProgramData\Binarysense 2015-01-25 22:07:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSDlife 2015-01-25 03:17:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1 2015-01-25 01:08:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Machete Lite 2015-01-19 20:46:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey 2015-01-17 08:41:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MidSpace 2015-01-12 05:44:17 -------- d-----w- C:\ProgramData\ClassicShell 2015-01-12 05:44:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell 2015-01-12 03:31:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat 2015-01-09 03:58:57 -------- d-----w- C:\Users\Marnick\uBlock 2015-01-05 19:14:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VirtuaWin 2015-01-04 03:33:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VeraCrypt 2015-01-04 03:12:07 -------- d-----w- C:\Users\Marnick\.dbus-keyrings 2015-01-02 00:20:56 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape 0.91pre3 2014-12-31 23:50:43 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Performance Monitor 4.x ====== C: exe-files == 2015-01-25 13:17:07 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Marnick.exe 2015-01-25 03:18:10 F36FF584D715855F303697443E3A4877 112655 ----a-w- C:\Program Files\UltraDefrag\uninstall.exe 2015-01-25 03:17:46 C5A98D38BD86042C66A7490EF24FED09 1511491 ----a-w- C:\Program Files\MyDefrag v4.3.1\unins000.exe 2015-01-25 03:17:46 1270ECE007927A7989D78A7B91C8A58A 82944 ----a-w- C:\Program Files\MyDefrag v4.3.1\MyFragmenter.exe 2015-01-25 03:17:46 07A66D35F6AC01E5CDE27AE15204C284 1134592 ----a-w- C:\Program Files\MyDefrag v4.3.1\MyDefrag.exe 2015-01-24 23:25:50 6663B30328C239D2AB10D2583054CF2E 364512 ----a-w- C:\Windows\System32\aswBoot.exe 2015-01-24 23:08:40 973567B98CDFC147DF4E60471D9DF072 153088 ----a-w- C:\Program Files (x86)\Eusing Free Registry Cleaner\UNWISE.EXE 2015-01-24 23:08:40 1C9E4DE12098C05AA75CF216D372F125 1499136 ----a-w- C:\Program Files (x86)\Eusing Free Registry Cleaner\Regcleaner.exe 2015-01-24 03:55:21 27145A60EEC798CB2437731F8504D293 714720 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-01-23 01:15:03 F951A8D249C943E7ECDF66D2FE16CDCD 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2015-01-23 01:15:03 F40410CE27DE0823A93B2BD4BFE4F3F6 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2015-01-23 01:15:03 12B174AA182C0C98ACAE637EEA9C52A0 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2015-01-23 01:14:48 FA78A9BBAF7352401B7F982464160448 16808 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\rmiregistry.exe 2015-01-23 01:14:48 F951A8D249C943E7ECDF66D2FE16CDCD 191400 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\javaw.exe 2015-01-23 01:14:48 F40410CE27DE0823A93B2BD4BFE4F3F6 319912 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\javaws.exe 2015-01-23 01:14:48 F37694550A132DB95F52A14D65C3BF7D 16296 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\kinit.exe 2015-01-23 01:14:48 F1D678998EDEAE9DF3300E6521A119F2 77224 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\javacpl.exe 2015-01-23 01:14:48 CB836597AE26F0D031CF7A0C934EC218 16296 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\pack200.exe 2015-01-23 01:14:48 C7FDEF85040A4602C3547E4C5B700CF9 15784 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\keytool.exe 2015-01-23 01:14:48 B9BAB51EDBBF27E480A07F904124F810 197544 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\unpack200.exe 2015-01-23 01:14:48 B53F3B97AA13A200F8DB5BFA2684F953 16808 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\servertool.exe 2015-01-23 01:14:48 B4614F21174A2F1DAA5394062885C8E5 16296 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\ktab.exe 2015-01-23 01:14:48 886C21FEA39553EA786355C58379AB75 16296 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\tnameserv.exe 2015-01-23 01:14:48 713DBD861EC396B286A1970A4F0F6951 16808 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\policytool.exe 2015-01-23 01:14:48 6E23278A38DCB78C29B19386B1D509DC 34216 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\jabswitch.exe 2015-01-23 01:14:48 5657E104B156F043BC002C3EDC1C79E4 16296 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\orbd.exe 2015-01-23 01:14:48 4AE110AC85558EF04CB3677754A98427 66472 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\ssvagent.exe 2015-01-23 01:14:48 3B65C09A8A823334CE0EB9AA3F9BDFE5 15784 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\rmid.exe 2015-01-23 01:14:48 12B174AA182C0C98ACAE637EEA9C52A0 190888 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\java.exe 2015-01-23 01:14:48 1125B37F1D6BAF143AF129831B06D1BD 15784 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\java-rmi.exe 2015-01-23 01:14:48 0F19A5EE1E440C0F05554FA3A48EF000 100264 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\jp2launcher.exe 2015-01-23 01:14:48 06CE06172AA1185E701647429A9C18C9 15784 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\jjs.exe 2015-01-23 01:14:48 03597BDF891C9FDB3A4F1C2DA591A4C4 16296 ----a-w- C:\Program Files\Java\jre1.8.0_31\bin\klist.exe 2015-01-23 01:14:39 F9D744CD9BC58F287F8FA59D32508EDD 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\orbd.exe 2015-01-23 01:14:39 F5EA785B2BCC08DC28CBC2D96E05F2C1 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe 2015-01-23 01:14:39 DF1C8EDDAF14D2960A06A9DF7B2D0A89 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\java-rmi.exe 2015-01-23 01:14:39 DBB5C8AE19ACFA2857CFB90C7305AC56 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssvagent.exe 2015-01-23 01:14:39 DA34E76DE9CD93471F24E7BD43139958 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\kinit.exe 2015-01-23 01:14:39 CDB1FE0DCF2ADB755EBF65C8AEBBC871 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\servertool.exe 2015-01-23 01:14:39 B0D46640968F989830413EB88F43E0D0 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\java.exe 2015-01-23 01:14:39 AF82EA1498FEC5C49B8A1AE5AA0A5F6C 77224 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2launcher.exe 2015-01-23 01:14:39 A8884FB8246655C84F110E77DF5E1B4A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\ktab.exe 2015-01-23 01:14:39 90C02BD6D01BBC1C620323F9E330E89C 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\jjs.exe 2015-01-23 01:14:39 8B6DF9CD28359C5E819446FD79CE3948 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\rmiregistry.exe 2015-01-23 01:14:39 7479DA0BED071427A3F0017AC51CC27B 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\unpack200.exe 2015-01-23 01:14:39 69BD74EE834B5629226BF89468B8020B 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\keytool.exe 2015-01-23 01:14:39 5F7C51E0DCA813D647F14FC12AE675F2 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\policytool.exe 2015-01-23 01:14:39 577F5DCBA4DE4C345631873670F84E79 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\tnameserv.exe 2015-01-23 01:14:39 52C8B9FD016E6317FDB151296FF90877 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaws.exe 2015-01-23 01:14:39 3E72E1AB196855916E2065C604674631 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe 2015-01-23 01:14:39 39685FC75B6FB2144E793595F1AB111D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\pack200.exe 2015-01-23 01:14:39 2F77C9862B1A2401278C4A5B932DA69D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\klist.exe 2015-01-23 01:14:39 0FB2ACAC796B166F6486B593B604A3FF 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\rmid.exe 2015-01-23 01:14:39 063A1044A451660B159426B9C5E75957 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\jabswitch.exe 2015-01-21 09:57:46 5CE0579443A2A2D783C5DE7EBB6C94E1 535040 ----a-w- C:\Tools\Dolphin\DSPTool.exe 2015-01-21 09:57:45 CF1E4A13903CD21FA64CD949CB06451F 13230592 ----a-w- C:\Tools\Dolphin\Dolphin.exe 2015-01-20 00:31:40 8EBBAB4AE945947E6D4D37743F875025 432456 ----a-w- C:\Users\Marnick\AppData\Local\NVIDIA\NvBackend\Packages\00006b79\CoProc update.19241512.exe 2015-01-19 20:46:38 4B670AE0775B0C21C293C3714AEDDBE5 50484 ----a-w- C:\Program Files (x86)\AutoHotkey\uninst.exe === C: other files == 2015-01-25 20:33:18 591E1F08E1C17B0962280E6330051B3C 202592 ----a-w- C:\Users\Marnick\AppData\Roaming\Mozilla\Firefox\Profiles\9ypke8r8.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi 2015-01-24 23:25:56 E74FD717476B30E23F45354B8F3ACB30 1050432 ----a-w- C:\Windows\System32\drivers\aswsnx.sys 2015-01-24 23:25:56 DE13ACC4B3EA66B4FBED7CF322807C90 87912 ----a-w- C:\Windows\System32\drivers\aswmonflt.sys 2015-01-24 23:25:50 B1881A01E301990B671694CA1623F1B6 436624 ----a-w- C:\Windows\System32\drivers\aswSP.sys 2015-01-24 23:25:50 9BE9F2B83DE80E2752B1405CC427E2EC 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys 2015-01-24 23:25:50 7509F07BA6F84C1E3B2C0D78A1F6F782 116728 ----a-w- C:\Windows\System32\drivers\aswStm.sys 2015-01-24 23:25:50 4750016EF9CC1DEC6DA3FE5AF9A7F095 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys 2015-01-24 23:25:50 1A5BDDE65B648DC3AD48B6ECAA3AE9C8 267632 ----a-w- C:\Windows\System32\drivers\aswVmm.sys 2015-01-24 23:25:50 1323269A92645705DEFA053F3596829D 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys 2015-01-23 01:14:48 CE38122121C784E6380EF424637DBC3F 14130 ----a-w- C:\Program Files\Java\jre1.8.0_31\lib\deploy\ffjcext.zip 2015-01-23 01:14:39 3315140254247E248C3531F159C79109 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\lib\deploy\ffjcext.zip 2015-01-20 22:54:31 5059756FD15EF2BD65D1ACE2DD522838 88453 ----a-w- C:\Users\Marnick\AppData\Roaming\Kodi\addons\packages\script.grab.fanart-0.13.2.zip 2015-01-20 22:54:20 E5637A29DF675E458C98C0824B2D4DCA 364456 ----a-w- C:\Users\Marnick\AppData\Roaming\Kodi\addons\packages\script.videolanguage-0.1.0.zip 2015-01-20 22:54:15 CB9488541061051262E8A136F5FE3788 1041441 ----a-w- C:\Users\Marnick\AppData\Roaming\Kodi\addons\packages\script.tv.show.next.aired-6.0.13.zip 2015-01-20 22:54:14 5EC8957C1BA7C1C927026AA1A2C14761 17901 ----a-w- C:\Users\Marnick\AppData\Roaming\Kodi\addons\packages\script.randomandlastitems-2.2.2.zip 2015-01-20 22:54:11 7E878AC89C15877C5A23B07AA9C88F9F 94475 ----a-w- C:\Users\Marnick\AppData\Roaming\Kodi\addons\packages\script.favourites-6.0.1.zip 2015-01-20 22:54:10 B3A71E8120D645B8AE72F1A07DAFA49F 20662456 ----a-w- C:\Users\Marnick\AppData\Roaming\Kodi\addons\packages\skin.rapier-7.1.0.zip 2015-01-20 22:54:08 29FAD224E58442D28BAC1776772942E8 573297 ----a-w- C:\Users\Marnick\AppData\Roaming\Kodi\addons\packages\script.artwork.downloader-12.0.29.zip 2015-01-20 22:54:05 FCE65CFD4BFC5AE36C7E2D6F78260415 33912601 ----a-w- C:\Users\Marnick\AppData\Roaming\Kodi\addons\packages\skin.nebula-2.4.0.zip 2015-01-20 22:53:43 7662EB0E1668592BB553242D7D8524A3 32324384 ----a-w- C:\Users\Marnick\AppData\Roaming\Kodi\addons\packages\skin.1080xf-3.40.56.zip 2015-01-20 22:46:12 8A0F7A3894C34A8A508DE4D7313764B6 693263 ----a-w- C:\Users\Marnick\AppData\Roaming\Kodi\addons\packages\plugin.video.xbmb3c-0.9.764.zip 2015-01-20 22:45:05 DC9D1A2694B0244F9024F8D483CAE63E 5758797 ----a-w- C:\Users\Marnick\AppData\Roaming\Kodi\addons\packages\skin.maximinimalism-1.1.1.zip 2015-01-20 22:45:05 AAE5F9F13F0837D1C3A82FD6D7ACA2EF 197691 ----a-w- C:\Users\Marnick\AppData\Roaming\Kodi\addons\packages\weather.yahoo-3.0.5.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2856731745-892397407-2727836350-1001\Software\Microsoft\Windows\CurrentVersion\Run] "puush"="C:\Program Files (x86)\Puush\puush.exe" "Steam"="D:\Steam\steam.exe -silent" "QuiteRSS"="C:\Program Files (x86)\QuiteRSS\QuiteRSS.exe" "RedshiftGUI"="C:\Program Files (x86)\RedshiftGUI\redshiftgui.exe" "POP Peeper"="C:\Program Files (x86)\POP Peeper\POPPeeper.exe -min" "SuperF4"="C:\Tools\SuperF4\SuperF4.exe" "Kalender"="C:\Program Files (x86)\Kalender\Kalender.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "Meminfo"=":C:\Program Files (x86)\Meminfo\meminfo.exe" "Pidgin"=":C:\Program Files (x86)\Pidgin\pidgin.exe" "PerfMon"=":C:\Program Files (x86)\PerfMon4x\PerfMon.exe" "CPU"=":C:\Tools\DiskLED\CPU\DiskLED.exe" "Disk0"="C:\Tools\DiskLED\Disk0\DiskLED.exe" "Disk1"="C:\Tools\DiskLED\Disk1\DiskLED.exe" "Ethervane"="C:\Program Files (x86)\Ethervane\Echo\ethervaneecho.exe" "FARR"="C:\Program Files (x86)\Find And Run Robot\FindAndRunRobot.exe" "Miniweb"=":C:\Tools\NTWind\Hidden Start\hstart.exe /NOCONSOLE C:\Tools\Miniweb\miniweb.exe" "Networkup"="C:\Tools\DiskLED\NetworkUp\DiskLED.exe" "Networkdown"="C:\Tools\DiskLED\NetworkDown\DiskLED.exe" "VirtuaWin"=":C:\Program Files (x86)\VirtuaWin\VirtuaWin.exe" "Rainmeter"=":C:\Program Files\Rainmeter\Rainmeter.exe" "7 Taskbar Tweaker"="C:\Users\Marnick\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe -hidewnd" "RBTray"=":C:\Tools\RBTray 4.1\64bit\RBTray.exe" "Thunderbird"=":C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MiniBin"="C:\Program Files (x86)\Minibin\MiniBin.exe" "Gridmove"="C:\Program Files (x86)\Gridmove\GridMove.exe" "ProcessTamer"="C:\Program Files (x86)\Processtamer\ProcessTamerTray.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "puush"="C:\Program Files (x86)\Puush\puush.exe" "Steam"="D:\Steam\steam.exe -silent" "QuiteRSS"="C:\Program Files (x86)\QuiteRSS\QuiteRSS.exe" "RedshiftGUI"="C:\Program Files (x86)\RedshiftGUI\redshiftgui.exe" "POP Peeper"="C:\Program Files (x86)\POP Peeper\POPPeeper.exe -min" "SuperF4"="C:\Tools\SuperF4\SuperF4.exe" "Kalender"="C:\Program Files (x86)\Kalender\Kalender.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "Meminfo"=":C:\Program Files (x86)\Meminfo\meminfo.exe" "Pidgin"=":C:\Program Files (x86)\Pidgin\pidgin.exe" "PerfMon"=":C:\Program Files (x86)\PerfMon4x\PerfMon.exe" "CPU"=":C:\Tools\DiskLED\CPU\DiskLED.exe" "Disk0"="C:\Tools\DiskLED\Disk0\DiskLED.exe" "Disk1"="C:\Tools\DiskLED\Disk1\DiskLED.exe" "Ethervane"="C:\Program Files (x86)\Ethervane\Echo\ethervaneecho.exe" "FARR"="C:\Program Files (x86)\Find And Run Robot\FindAndRunRobot.exe" "Miniweb"=":C:\Tools\NTWind\Hidden Start\hstart.exe /NOCONSOLE C:\Tools\Miniweb\miniweb.exe" "Networkup"="C:\Tools\DiskLED\NetworkUp\DiskLED.exe" "Networkdown"="C:\Tools\DiskLED\NetworkDown\DiskLED.exe" "VirtuaWin"=":C:\Program Files (x86)\VirtuaWin\VirtuaWin.exe" "Rainmeter"=":C:\Program Files\Rainmeter\Rainmeter.exe" "7 Taskbar Tweaker"="C:\Users\Marnick\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe -hidewnd" "RBTray"=":C:\Tools\RBTray 4.1\64bit\RBTray.exe" "Thunderbird"=":C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Everything"="C:\Program Files\Everything\Everything.exe -startup" "BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll,TrayApp" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "TpShocks"="TpShocks.exe" "wdsmgr"=":C:\Program Files\ITknowledge24\Windows Defender Status Manager\wdsmgr.exe" "Classic Start Menu"="C:\Program Files\Classic Shell\ClassicStartMenu.exe -autorun" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll" ==== Startup Folders ====================== 2014-12-24 22:56:11 1195 ----a-w- C:\Users\Marnick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2015-01-24 05:20:15 1176 ----a-w- C:\Users\Marnick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Maxmem.lnk 2014-12-29 15:36:04 1066 ----a-w- C:\Users\Marnick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\AutoPico Daily Restart" ["C:\Program Files\KMSpico\AutoPico.exe"] "C:\Windows\SysNative\tasks\IMDisk" [E:\Scripts\BAT\IMDisk.bat] "C:\Windows\SysNative\tasks\Process Explorer" [C:\Tools\Sysinternals\procexp64.exe] "C:\Windows\SysNative\tasks\SSDlife" [C:\Program Files (x86)\BinarySense\SSDlife\ssdlife.exe] "C:\Windows\SysNative\tasks\Synaptics TouchPad Enhancements" ["C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{14F7313F-A293-4AEF-ACBA-C3CF9269A71C}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\WizMouse" ["C:\Program Files (x86)\WizMouse\WizMouseLaunch.exe"] "C:\Windows\SysNative\tasks\nvidiaInspector\StartupGPU0_Level2" [C:\Tools\NVidia Inspector\nvidiaInspector.exe] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Marnick\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\6g3hud0z.default - FT DeepDark - %ProfilePath%\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} ProfilePath: C:\Users\Marnick\AppData\Roaming\Mozilla\Firefox\Profiles\9ypke8r8.default - Undetermined - identfavicon@david.hanak.hu - Undetermined - copylinkurl@bluelightdev.com - Undetermined - status4evar@caligonstudios.com - Undetermined - {992791ee-61dc-7b98-a8fd-dc49b7deeee9} - Undetermined - {A4732521-77D9-447E-A557-B279AC923F06} - Undetermined - commander@palemoon.org - Undetermined - netvideohunter@netvideohunter.com - Undetermined - {8A6C82A1-F6C9-481a-AAE7-C96444C9A754} - Undetermined - {a7c6cf7f-112c-4500-a7ea-39801a327e5f} - Undetermined - https-everywhere@eff.org - Undetermined - {46551EC9-40F0-4e47-8E18-8E5CF550CFB8} - HTTPS-Everywhere - %ProfilePath%\extensions\https-everywhere@eff.org - NetVideoHunter - %ProfilePath%\extensions\netvideohunter@netvideohunter.com - FT DeepDark - %ProfilePath%\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} - PrefBar - %ProfilePath%\extensions\{8A6C82A1-F6C9-481a-AAE7-C96444C9A754} - FireFTP - %ProfilePath%\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} - about:addons-memory - %ProfilePath%\extensions\about-addons-memory@tn123.org.xpi - Click to Play per-element - %ProfilePath%\extensions\ClickToPlayPerElement@uaSad.addons.mozilla.org.xpi - Pale Moon Commander - %ProfilePath%\extensions\commander@palemoon.org.xpi - Copy Link URL - %ProfilePath%\extensions\copylinkurl@bluelightdev.com.xpi - Download Panel Tweaker - %ProfilePath%\extensions\downloadPanelTweaker@infocatcher.xpi - FindBar Tweak - %ProfilePath%\extensions\fbt@quicksaver.xpi - IdentFavIcon - %ProfilePath%\extensions\identfavicon@david.hanak.hu.xpi - Public IP Display - %ProfilePath%\extensions\jid0-kir41BQbr1lrsxH7OtZiYZsROXw@jetpack.xpi - Private Browsing Proxy - %ProfilePath%\extensions\jid0-YKD0pDHAi6iJdBHruo8SEIJuFv8@jetpack.xpi - Linkspy - %ProfilePath%\extensions\jid1-26NTXeNmMQ3Gvw@jetpack.xpi - Regex Finder - %ProfilePath%\extensions\jid1-42P0uI0B9u5UmQ@jetpack.xpi - Video Tabber - %ProfilePath%\extensions\jid1-4Lga6BdrOR5Qhg@jetpack.xpi - Plain Text Linker - %ProfilePath%\extensions\jid1-CeHl9T9miaoK2w@jetpack.xpi - Page Dark - %ProfilePath%\extensions\jid1-KURHKhwWqnpmKQ@jetpack.xpi - Double-click Image Downloader - %ProfilePath%\extensions\jid1-xgtdawe3yyUeBQ@jetpack.xpi - Update Listener - %ProfilePath%\extensions\jid1-zDzDFKM0XYF9kQ@jetpack.xpi - Pure URL - %ProfilePath%\extensions\pure-url@jetpack.xpi - Redirect Cleaner - %ProfilePath%\extensions\redirectcleaner@example.net.xpi - Slim Add-ons Manager - %ProfilePath%\extensions\slimaddonmanager@opendfki.de.xpi - Auto-Sort Bookmarks - %ProfilePath%\extensions\sortbookmarks@bouanto.xpi - Status-4-Evar - %ProfilePath%\extensions\status4evar@caligonstudios.com.xpi - Undetermined - %ProfilePath%\extensions\{2b10c1c8-a11f-4bad-fe9c-1c11e82cac42}.xpi - Stylish - %ProfilePath%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi - TryAgain - %ProfilePath%\extensions\{992791ee-61dc-7b98-a8fd-dc49b7deeee9}.xpi - Image Toolbar - %ProfilePath%\extensions\{A4732521-77D9-447E-A557-B279AC923F06}.xpi - Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi ProfilePath: C:\Users\Marnick\AppData\Roaming\Thunderbird\Profiles\9ypke8r8.default - Enigmail - %ProfilePath%\extensions\{847b3a00-7ab1-11d4-8f02-006008948af5} - TT DeepDark - %ProfilePath%\extensions\{9ed238c0-af95-11e0-9f1c-0800200c9a66} - ImportExportTools - %ProfilePath%\extensions\{3ed8cc52-86fc-4613-9026-c1ef969da4c3}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Marnick\AppData\Roaming\Mozilla\Firefox\Profiles\9ypke8r8.default 0FC325593893749364EC4A733E7D9100 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll - Shockwave Flash ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\calc.exe deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Microsoft Web Test Recorder 12.0 Helper - {432dd630-7e03-4c97-9d62-b99f52df4fc2} - C:\Program Files (x86)\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll O4 - HKLM\..\Run: [MiniBin] C:\Program Files (x86)\Minibin\MiniBin.exe O4 - HKLM\..\Run: [Gridmove] C:\Program Files (x86)\Gridmove\GridMove.exe O4 - HKLM\..\Run: [ProcessTamer] C:\Program Files (x86)\Processtamer\ProcessTamerTray.exe O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKCU\..\Run: [puush] C:\Program Files (x86)\Puush\puush.exe O4 - HKCU\..\Run: [Steam] "D:\Steam\steam.exe" -silent O4 - HKCU\..\Run: [QuiteRSS] C:\Program Files (x86)\QuiteRSS\QuiteRSS.exe O4 - HKCU\..\Run: [RedshiftGUI] C:\Program Files (x86)\RedshiftGUI\redshiftgui.exe O4 - HKCU\..\Run: [POP Peeper] "C:\Program Files (x86)\POP Peeper\POPPeeper.exe" -min O4 - HKCU\..\Run: [SuperF4] "C:\Tools\SuperF4\SuperF4.exe" O4 - HKCU\..\Run: [Kalender] C:\Program Files (x86)\Kalender\Kalender.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [Meminfo] :"C:\Program Files (x86)\Meminfo\meminfo.exe" O4 - HKCU\..\Run: [Pidgin] :"C:\Program Files (x86)\Pidgin\pidgin.exe" O4 - HKCU\..\Run: [PerfMon] :C:\Program Files (x86)\PerfMon4x\PerfMon.exe O4 - HKCU\..\Run: [CPU] :"C:\Tools\DiskLED\CPU\DiskLED.exe" O4 - HKCU\..\Run: [Disk0] "C:\Tools\DiskLED\Disk0\DiskLED.exe" O4 - HKCU\..\Run: [Disk1] "C:\Tools\DiskLED\Disk1\DiskLED.exe" O4 - HKCU\..\Run: [Ethervane] "C:\Program Files (x86)\Ethervane\Echo\ethervaneecho.exe" O4 - HKCU\..\Run: [FARR] "C:\Program Files (x86)\Find And Run Robot\FindAndRunRobot.exe" O4 - HKCU\..\Run: [Miniweb] :"C:\Tools\NTWind\Hidden Start\hstart.exe" /NOCONSOLE "C:\Tools\Miniweb\miniweb.exe" O4 - HKCU\..\Run: [Networkup] "C:\Tools\DiskLED\NetworkUp\DiskLED.exe" O4 - HKCU\..\Run: [Networkdown] "C:\Tools\DiskLED\NetworkDown\DiskLED.exe" O4 - HKCU\..\Run: [VirtuaWin] :"C:\Program Files (x86)\VirtuaWin\VirtuaWin.exe" O4 - HKCU\..\Run: [Rainmeter] :"C:\Program Files\Rainmeter\Rainmeter.exe" O4 - HKCU\..\Run: [7 Taskbar Tweaker] "C:\Users\Marnick\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe" -hidewnd O4 - HKCU\..\Run: [Mediakeys] "E:\Scripts\AHK\Mediakeys.ahk" O4 - HKCU\..\Run: [RBTray] :"C:\Tools\RBTray 4.1\64bit\RBTray.exe" O4 - HKCU\..\Run: [Thunderbird] :"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe" O4 - Startup: Dropbox.lnk = Marnick\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: Maxmem.lnk = C:\Program Files (x86)\AnalogX\Maxmem\maxmem.exe O4 - Startup: Trillian.lnk = C:\Program Files (x86)\Trillian\trillian.exe O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) - AOMEI Tech Co., Ltd. - C:\Program Files (x86)\AOMEI Backupper Standard Edition 2.1.0\ABService.exe O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: DirMngr - Unknown owner - C:\Program Files (x86)\GNU\GNUPG\dirmngr.exe O23 - Service: Encrypting File System (EFS) (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Everything - Unknown owner - C:\Program Files\Everything\Everything.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @oem50.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing) O23 - Service: ImDisk Virtual Disk Driver Helper (ImDskSvc) - Unknown owner - C:\Windows\system32\imdsksvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: Tor Win32 Service (tor) - Unknown owner - C:\Program Files (x86)\Tor\tor.exe O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Unchecky - RaMMicHaeL - C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe O23 - Service: Unsigned Themes (UnsignedThemes) - The Within Network, LLC - C:\Windows\unsignedthemes.exe O23 - Service: @oem26.inf,%WBFService_SvcDesc%;Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing) O23 - Service: @oem26.inf,%BioSyncService_SvcDesc%;BiometricSensorDataSynchronization (valWbioSyncSvc) - Unknown owner - C:\Windows\system32\valWbioSyncSvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=699 folders=1025 2969098828 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Marnick\AppData\Local\Temp emptied successfully C:\Users\MSSQL$SQLSERVER2012\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on 26/01/2015 at 16:02:02.26 ======================