Zoek.exe v5.0.0.1 Updated 03-November-2015 Tool run by User on wo 04-11-2015 at 16:16:41,99. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\User\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2015-11-04-140651.log 66082 bytes ==== Empty Folders Check ====================== C:\Users\User\AppData\Roaming\FreeFixer deleted successfully C:\Users\User\AppData\Roaming\QuickScan deleted successfully C:\Users\User\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\User\AppData\Local\EmieSiteList deleted successfully C:\Users\User\AppData\Local\EmieUserList deleted successfully C:\Users\User\AppData\Local\Opera Software deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== µTorrent Adobe Flash Player 19 NPAPI Adobe Reader XI (11.0.13) - Nederlands Adobe Refresh Manager Adobe Shockwave Player 12.2 ASUS Instant Connect ASUS InstantOn ASUS Power4Gear Hybrid ASUS Smart Gesture ASUS Splendid Video Enhancement Technology ASUS Tutor ASUS USB Charger Plus ASUS WebStorage Sync Agent ASUSDVD ATK Package Battlefield 3™ Battlelog Web Plugins Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch CCleaner Cisco Systems VPN Client 5.0.07.0440 Citrix Authentication Manager Citrix Receiver Citrix Receiver (HDX Flash Redirection) Citrix Receiver Inside Citrix Receiver Updater Citrix Receiver(Aero) Citrix Receiver(DV) Citrix Receiver(USB) Classic Shell Definition Update for Microsoft Office 2013 (KB3085580) 32-Bit Edition f.lux Google Chrome Google Update Helper Intel(R) Management Engine Components Intel(R) Processor Graphics Intel(R) SDK for OpenCL - CPU Only Runtime Package Intel® Trusted Connect Service Client Malwarebytes Anti-Malware versie 2.2.0.1024 Media Go Media Go 
Network Downloader Media Go Video Playback Engine 2.16.105.12020 Microsoft Access MUI (Dutch) 2013 Microsoft ASP.NET MVC 4 Runtime Microsoft DCF MUI (Dutch) 2013 Microsoft Excel MUI (Dutch) 2013 Microsoft Groove MUI (Dutch) 2013 Microsoft InfoPath MUI (Dutch) 2013 Microsoft Lync MUI (Dutch) 2013 Microsoft Office 64-bit Components 2013 Microsoft Office Korrekturhilfen 2013 - Deutsch Microsoft Office OSM MUI (Dutch) 2013 Microsoft Office OSM UX MUI (Dutch) 2013 Microsoft Office Professional Plus 2013 Microsoft Office Proofing (Dutch) 2013 Microsoft Office Proofing Tools 2013 - English Microsoft Office Proofing Tools 2013 - Nederlands Microsoft Office Shared 64-bit MUI (Dutch) 2013 Microsoft Office Shared MUI (Dutch) 2013 Microsoft OneNote MUI (Dutch) 2013 Microsoft Outlook MUI (Dutch) 2013 Microsoft PowerPoint MUI (Dutch) 2013 Microsoft Publisher MUI (Dutch) 2013 Microsoft Silverlight Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft SQL Server Compact 3.5 SP2 x64 ENU Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Microsoft Word MUI (Dutch) 2013 Mozilla Firefox 41.0.2 (x86 nl) Mozilla Maintenance Service NVIDIA-configuratiescherm 358.50 NVIDIA Grafisch stuurprogramma 358.50 NVIDIA Install Application NVIDIA Optimus 1.10.8 NVIDIA PhysX 
Systeem Software 9.15.0428 NVIDIA Update 1.10.8 NVIDIA Update Components Office 15 Click-to-Run Licensing Component Online Plug-in Origin Outils de vérification linguistique 2013 de Microsoft Office - Français Popcorn Time Qualcomm Atheros Bluetooth Suite (64) Qualcomm Atheros Client Installation Program Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Security Update for Microsoft Excel 2013 (KB3085583) 32-Bit Edition Security Update for Microsoft Office 2013 (KB2880502) 32-Bit Edition Security Update for Microsoft Office 2013 (KB2910941) 32-Bit Edition Security Update for Microsoft Office 2013 (KB3039734) 32-Bit Edition Security Update for Microsoft Office 2013 (KB3039798) 32-Bit Edition Security Update for Microsoft Office 2013 (KB3054816) 32-Bit Edition Security Update for Microsoft Office 2013 (KB3054932) 32-Bit Edition Self-service Plug-in Setup Shared C Run-time for x64 Skype™ 7.12 Sony PC Companion 2.10.245 SUPERAntiSpyware swMSM System Ninja version 3.1.1 Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD Update for Microsoft Access 2013 (KB3085503) 32-Bit Edition Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition Update for Microsoft Office 2013 (KB2760371) 32-Bit Edition Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition Update for Microsoft Office 2013 (KB2880487) 32-Bit Edition Update for Microsoft Office 2013 (KB2881076) 32-Bit Edition Update for Microsoft Office 2013 (KB2883095) 32-Bit Edition Update for Microsoft Office 2013 (KB2889863) 32-Bit Edition Update for Microsoft Office 2013 (KB2899522) 32-Bit Edition Update for Microsoft Office 2013 (KB2975869) 32-Bit Edition Update for Microsoft Office 2013 (KB3023052) 32-Bit Edition Update for Microsoft Office 2013 (KB3039701) 32-Bit Edition Update for Microsoft Office 2013 (KB3039718) 32-Bit Edition Update for Microsoft Office 2013 (KB3039720) 32-Bit Edition Update for Microsoft Office 2013 (KB3039739) 
32-Bit Edition Update for Microsoft Office 2013 (KB3039762) 32-Bit Edition Update for Microsoft Office 2013 (KB3039766) 32-Bit Edition Update for Microsoft Office 2013 (KB3039778) 32-Bit Edition Update for Microsoft Office 2013 (KB3039787) 32-Bit Edition Update for Microsoft Office 2013 (KB3039800) 32-Bit Edition Update for Microsoft Office 2013 (KB3054783) 32-Bit Edition Update for Microsoft Office 2013 (KB3054785) 32-Bit Edition Update for Microsoft Office 2013 (KB3054805) 32-Bit Edition Update for Microsoft Office 2013 (KB3054856) 32-Bit Edition Update for Microsoft Office 2013 (KB3054935) 32-Bit Edition Update for Microsoft Office 2013 (KB3054941) 32-Bit Edition Update for Microsoft Office 2013 (KB3055011) 32-Bit Edition Update for Microsoft Office 2013 (KB3085479) 32-Bit Edition Update for Microsoft Office 2013 (KB3085493) 32-Bit Edition Update for Microsoft Office 2013 (KB3085506) 32-Bit Edition Update for Microsoft Office 2013 (KB3085563) 32-Bit Edition Update for Microsoft Office 2013 (KB3085566) 32-Bit Edition Update for Microsoft Office 2013 (KB3085576) 32-Bit Edition Update for Microsoft Office 2013 (KB3085585) 32-Bit Edition Update for Microsoft OneDrive for Business (KB3085509) 32-Bit Edition Update for Microsoft OneNote 2013 (KB3085574) 32-Bit Edition Update for Microsoft Outlook 2013 (KB3085579) 32-Bit Edition Update for Microsoft Outlook Social Connector 2013 (KB3054854) 32-Bit Edition Update for Microsoft PowerPoint 2013 (KB3085564) 32-Bit Edition Update for Microsoft Project 2013 (KB3085590) 32-Bit Edition Update for Microsoft Publisher 2013 (KB3023050) 32-Bit Edition Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition Update for Microsoft Word 2013 (KB3085573) 32-Bit Edition Update for Skype for Business 2015 (KB2889853) 32-Bit Edition Update for Skype for Business 2015 (KB3085581) 32-Bit Edition VLC media player WinFlash WinRAR 5.21 (64-bit) ==== Running Processes 
====================== C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\WINDOWS\SysWOW64\PnkBstrA.exe C:\Program Files (x86)\Popcorn Time\Updater.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Users\User\Desktop\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\3ngvi4rr.default-1446543442242 user.js not found ---- Lines browser.startup.page removed from prefs.js ---- user_pref("browser.startup.page", 3); ---- FireFox user.js and prefs.js backups ---- prefs_04-11-2015_1625_.backup ==== Deleting Files \ Folders ====================== C:\Users\User\AppData\Roaming\ARCompanion.log deleted C:\PROGRA~3\Package Cache deleted C:\Users\User\AppData\Local\globalUpdate deleted C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Search.lnk deleted C:\WINDOWS\SysNative\config\systemprofile\Searches deleted C:\WINDOWS\SysWow64\AI_RecycleBin deleted C:\Users\User\AppData\Local\Donelectronics.exe.config deleted "C:\WINDOWS\Installer\fcb78d2.msi" deleted "C:\Users\User\AppData\Roaming\leX81di6q8SAM1bkFQ" deleted "C:\Users\User\AppData\Roaming\rNIrEI7gxoga0GxWp" deleted "C:\Program Files (x86)\Popcorn Time\init.txt" not deleted "C:\Program Files (x86)\Popcorn Time\Updater.exe" deleted "C:\Program Files (x86)\Popcorn Time" not deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 3974 MB CPU Info: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz CPU Speed: 2408,0 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | NVIDIA GeForce GT 635M Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Realtek PCIe GBE Family-controller | Qualcomm Atheros AR9485 Wireless Network Adapter CD / DVD Drives: 1x (E: | ) E: SlimtypeDVD A DS8A9SH Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 2 Button Mouse Present Hard Disks: C: 241,5GB | D: 202,9GB Hard Disks - Free: C: 104,1GB | D: 131,9GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | | _ASUS_ - 1072009 Time Zone: Romance (standaardtijd) Motherboard *: ASUSTeK COMPUTER INC. 
K75VJ Country: Nederland Language: NLD ==== System Specs (Software) ====================== AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} Default Browser: Firefox 41.0.2 Internet Explorer Version: 11.0.9600.18053 Mozilla Firefox version: 41.0.2 (x86 nl) Google Chrome version: 46.0.2490.80 Adobe Reader version: 11.0.13.17 Flash Player version: 19.0.0.226 Shockwave Player version: 12.2r162 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\Users\User\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2015-11-03 09:30:05 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 ----a-w- C:\WINDOWS\SysWOW64\subinacl.exe 2015-11-02 15:55:03 A7B9D5DACF0061F7AB9BE16DC833FD5D 15002304 ----a-w- C:\WINDOWS\SysWOW64\nvwgf2um.dll 2015-11-02 15:55:03 60016082D57FF3057E4488A37EE62266 388024 ----a-w- C:\WINDOWS\SysWOW64\nvumdshim.dll 2015-11-02 15:55:02 DD9079A97F809873289C83DF6EA60CAD 128696 ----a-w- C:\WINDOWS\SysWOW64\nvoglshim32.dll 2015-11-02 15:55:02 80AD32A30338C05DFE6F38434850BC2C 13518496 ----a-w- C:\WINDOWS\SysWOW64\nvopencl.dll 2015-11-02 15:55:02 7E0FA3285A2F5FCAA7A17755895376D0 673912 ----a-w- C:\WINDOWS\SysWOW64\NvIFR.dll 2015-11-02 15:55:02 645E053F482FA25CAC8C1E7ADC133011 689456 ----a-w- C:\WINDOWS\SysWOW64\NvFBC.dll 2015-11-02 15:55:02 40FC4AC106DB55953F535A652B7E7A66 155976 ----a-w- C:\WINDOWS\SysWOW64\nvinit.dll 2015-11-02 15:55:02 15C106B41C938B6BA0E2AA0225EEF428 18359928 ----a-w- C:\WINDOWS\SysWOW64\nvoglv32.dll 2015-11-02 15:55:01 C3E5CCF6A73F692C74967B12EB9AB0EE 2489976 ----a-w- C:\WINDOWS\SysWOW64\nvcuvid.dll 2015-11-02 15:55:01 2830ADED1AAEB563499517BE5F361229 12769408 ----a-w- C:\WINDOWS\SysWOW64\nvd3dum.dll 2015-11-02 15:55:00 E43145FEE9FCD787265C3D7F17B82B1D 37882488 ----a-w- C:\WINDOWS\SysWOW64\nvcompiler.dll 2015-11-02 15:55:00 97D223727F99CC872A777D802747FA75 12032200 ----a-w- 
C:\WINDOWS\SysWOW64\nvcuda.dll 2015-11-02 15:54:56 1A96C7FAE3E45721850BC4817ADAE547 3154104 ----a-w- C:\WINDOWS\SysWOW64\nvapi.dll 2015-11-02 11:14:20 138DFCC00FA1FD8BF4D84FD4ECC9CBF9 4 ----a-w- C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 2015-10-31 03:13:38 CD421DDB5C6E5458CE52EDC36DE7DC5B 76152 ----a-w- C:\WINDOWS\SysWOW64\PnkBstrA.exe 2015-10-31 03:13:38 1F438C2CB609CD58980CCF30355B97CD 280904 ----a-w- C:\WINDOWS\SysWOW64\PnkBstrB.exe ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2015-11-03 10:17:46 7873C6482AEB63CFD10D2778FAB9429B 13824 ----a-w- C:\WINDOWS\Sysnative\ffnd.exe 2015-11-02 16:17:35 78D68A39A9F6AFDD14EBFA1880A4BBF4 75056 ----a-w- C:\WINDOWS\Sysnative\nv3dappshextr.dll 2015-11-02 16:17:35 707734F53C49FFC9F69A6703052CFAFB 2982520 ----a-w- C:\WINDOWS\Sysnative\nvsvc64.dll 2015-11-02 16:17:35 2B3DE08F326B96BFB2C8E7F5762F3910 62768 ----a-w- C:\WINDOWS\Sysnative\nvshext.dll 2015-11-02 16:17:35 03035287E99B19E46F1C6BF2C9FC0597 523384 ----a-w- C:\WINDOWS\Sysnative\nv3dappshext.dll 2015-11-02 16:17:34 7E2E5A08C30CB5FECF8D688C1FBCE2C5 5284082 ----a-w- C:\WINDOWS\Sysnative\nvcoproc.bin 2015-11-02 16:17:34 6B245B7F96F901891636814B5A7A9088 938800 ----a-w- C:\WINDOWS\Sysnative\nvvsvc.exe 2015-11-02 16:17:33 44A871CEDA42A97D41A586477224F6A3 2554488 ----a-w- C:\WINDOWS\Sysnative\nvsvcr.dll 2015-11-02 16:17:32 AB19D030948EC7D4F03CB794C247DBCA 385328 ----a-w- C:\WINDOWS\Sysnative\nvmctray.dll 2015-11-02 16:17:32 007B0821A077999773DA4FDB00D82C31 6358648 ----a-w- C:\WINDOWS\Sysnative\nvcpl.dll 2015-11-02 15:55:03 FA1C2EB6872DE69E1391A8BDF357B388 17395512 ----a-w- C:\WINDOWS\Sysnative\nvwgf2umx.dll 2015-11-02 15:55:03 32F7D679586BED9A0ECE27A10D01BE29 467912 ----a-w- C:\WINDOWS\Sysnative\nvumdshimx.dll 2015-11-02 15:55:02 F9F5643B5BC2DB095FE7F0FEEDFDB7B1 177416 ----a-w- C:\WINDOWS\Sysnative\nvinitx.dll 2015-11-02 15:55:02 F239588D4A3185AACCF2BD48EBB7146A 22306936 ----a-w- C:\WINDOWS\Sysnative\nvoglv64.dll 2015-11-02 15:55:02 
97840DE99D1A3AB1D8DD7612462F84F1 1564976 ----a-w- C:\WINDOWS\Sysnative\nvdispgenco6435850.dll 2015-11-02 15:55:02 8C354FBC45770394E849B15759AC5141 1905456 ----a-w- C:\WINDOWS\Sysnative\nvdispco6435850.dll 2015-11-02 15:55:02 5FAB38629B6437F3D88FEC6C992F1F0F 877176 ----a-w- C:\WINDOWS\Sysnative\NvFBC64.dll 2015-11-02 15:55:02 436BF105CE7B006F2A881E8910079ED5 33507 ----a-w- C:\WINDOWS\Sysnative\nvinfo.pb 2015-11-02 15:55:02 3F845D3E131F89C1A53CB22F1EA6F80D 861816 ----a-w- C:\WINDOWS\Sysnative\NvIFR64.dll 2015-11-02 15:55:02 1872672A66D7F4ECAC13E0053B67D2EB 151368 ----a-w- C:\WINDOWS\Sysnative\nvoglshim64.dll 2015-11-02 15:55:02 0A08F751E67CE3243510D73EB8C1AD08 16541040 ----a-w- C:\WINDOWS\Sysnative\nvopencl.dll 2015-11-02 15:55:01 CE8721EFF79A61DC4B6C8EF9A491CA57 15716648 ----a-w- C:\WINDOWS\Sysnative\nvd3dumx.dll 2015-11-02 15:55:01 9E9BBDB7D51C4EC2FF46C9136BA23DA8 14832968 ----a-w- C:\WINDOWS\Sysnative\nvcuda.dll 2015-11-02 15:55:01 42C15412420BD9B632CCEEA42AEEDD9B 2869880 ----a-w- C:\WINDOWS\Sysnative\nvcuvid.dll 2015-11-02 15:54:56 8D9EC5CD005A631F38DDBCD7623116A9 3573832 ----a-w- C:\WINDOWS\Sysnative\nvapi64.dll 2015-11-02 15:54:56 717F412E2DF3CDCAD8906142D4CBCD7D 42914096 ----a-w- C:\WINDOWS\Sysnative\nvcompiler.dll ====== C:\WINDOWS\Sysnative\drivers ===== 2015-11-03 12:12:04 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys 2015-11-03 12:11:23 CFBC6C6D8A492697CABD1D353EE64933 25816 ----a-w- C:\WINDOWS\Sysnative\drivers\mbam.sys 2015-11-03 12:11:23 42B3F5C9FBC9B3F0E0BA6B5D7FC8E849 109272 ----a-w- C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys 2015-11-03 12:11:23 08DECFCB9BA97786165A69AB1015BC30 64216 ----a-w- C:\WINDOWS\Sysnative\drivers\mwac.sys 2015-11-02 15:55:02 36BAB895547EA82892292F05FA02142E 11114616 ----a-w- C:\WINDOWS\Sysnative\drivers\nvlddmkm.sys 2015-11-02 15:55:02 2464570B44EAC56308669A04FBA1CD81 31352 ----a-w- C:\WINDOWS\Sysnative\drivers\nvpciflt.sys ====== C:\WINDOWS\Tasks ====== 2015-11-03 09:41:50 
E56AF7DF77D049ED79E91F43FD49F3FA 524 ----a-w- C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task e42ead35-b99e-41ab-9fe7-b40519533d86.job 2015-11-03 09:41:50 98738EC9404635A228EF38D358A85481 3574 ----a-w- C:\WINDOWS\Sysnative\Tasks\SUPERAntiSpyware Scheduled Task e42ead35-b99e-41ab-9fe7-b40519533d86 2015-11-03 09:41:49 A2D77D62F679F02792A4B8E34EF098D0 524 ----a-w- C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 824ed4af-72c5-4a99-adb6-18c9015dc404.job 2015-11-03 09:41:49 12E6102DFB8CA8FE245069C4ED32FCA8 3492 ----a-w- C:\WINDOWS\Sysnative\Tasks\SUPERAntiSpyware Scheduled Task 824ed4af-72c5-4a99-adb6-18c9015dc404 2015-11-02 17:48:37 F4589FA7B584263E9CFDB9B1A91A9228 3562 ----a-w- C:\WINDOWS\Sysnative\Tasks\ATK Package 36D18D69AFC3 2015-11-02 17:48:37 905B76C6D96700D8B5B376ED99B23396 2790 ----a-w- C:\WINDOWS\Sysnative\Tasks\ATK Package A22126881260 ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2015-11-03 15:28:07 -------- d-----w- C:\Program Files\Microsoft Synchronization Services 2015-11-03 15:28:07 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition 2015-11-03 10:32:33 -------- d-----w- C:\Program Files\trend micro 2015-11-03 09:44:31 -------- d-----w- C:\Program Files\FreeFixer 2015-11-03 09:41:23 -------- d-----w- C:\Program Files\SUPERAntiSpyware ======= C:\PROGRA~2 ===== 2015-11-03 15:27:55 -------- d-----w- C:\PROGRA~2\Microsoft Synchronization Services 2015-11-03 15:27:51 -------- d-----w- C:\PROGRA~2\Microsoft SQL Server Compact Edition 2015-11-03 10:19:05 -------- d-----w- C:\PROGRA~2\Microsoft ASP.NET 2015-11-03 09:30:05 -------- d-----w- C:\PROGRA~2\Adware Removal Tool by TSA 2015-10-31 07:36:44 -------- d-----w- C:\PROGRA~2\Battlelog Web Plugins ======= C: ===== ====== C:\Users\User\AppData\Roaming ====== 2015-11-03 11:18:52 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Temp 2015-11-03 11:18:52 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Microsoft Help 2015-11-03 11:18:52 -------- d-----w- 
C:\Users\UpdatusUser\AppData\Local\Microsoft 2015-11-03 11:18:51 -------- d-s---w- C:\Users\UpdatusUser\AppData\Roaming\Microsoft 2015-11-03 11:18:51 -------- d-----w- C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-11-03 11:18:51 -------- d-----r- C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-11-03 11:18:51 -------- d-----r- C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-11-03 11:18:51 -------- d-----r- C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-11-03 09:44:45 -------- d-----w- C:\Users\User\AppData\Local\FreeFixer 2015-11-03 09:41:42 -------- d-----w- C:\Users\User\AppData\Roaming\SUPERAntiSpyware.com 2015-11-02 16:27:56 -------- d-----w- C:\Users\User\AppData\Local\NVIDIA Corporation 2015-11-02 16:18:45 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\NVIDIA Corporation 2015-11-02 15:35:53 -------- d-----w- C:\Users\User\AppData\Roaming\Sun 2015-11-02 15:35:53 -------- d-----w- C:\Users\User\AppData\Locallow\Sun 2015-11-02 15:33:29 -------- d-----w- C:\Users\User\AppData\Locallow\Oracle 2015-10-30 13:43:24 -------- d-----w- C:\Users\User\AppData\Local\Origin ====== C:\Users\User ====== 2015-11-03 11:27:58 -------- d-----w- C:\ProgramData\SecTaskMan 2015-11-03 11:18:59 -------- d-----w- C:\Users\UpdatusUser\Searches 2015-11-03 11:18:59 -------- d-----w- C:\Users\UpdatusUser\Contacts 2015-11-03 11:18:57 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\UpdatusUser\ntuser.ini 2015-11-03 11:18:51 -------- d--h--w- C:\Users\UpdatusUser\AppData 2015-11-03 11:18:51 -------- d-----w- C:\Users\UpdatusUser\Saved Games 2015-11-03 11:18:51 -------- d-----r- C:\Users\UpdatusUser\Videos 2015-11-03 11:18:51 -------- d-----r- C:\Users\UpdatusUser\Pictures 2015-11-03 11:18:51 -------- d-----r- C:\Users\UpdatusUser\Music 2015-11-03 11:18:51 -------- d-----r- 
C:\Users\UpdatusUser\Links 2015-11-03 11:18:51 -------- d-----r- C:\Users\UpdatusUser\Favorites 2015-11-03 11:18:51 -------- d-----r- C:\Users\UpdatusUser\Downloads 2015-11-03 11:18:51 -------- d-----r- C:\Users\UpdatusUser\Documents 2015-11-03 11:18:51 -------- d-----r- C:\Users\UpdatusUser\Desktop 2015-11-03 10:31:30 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\User\Desktop\RSITx64.exe 2015-11-03 09:41:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2015-11-03 09:41:23 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com 2015-11-02 16:16:45 -------- d-----w- C:\ProgramData\NVIDIA Corporation 2015-11-02 15:35:53 -------- d-----w- C:\Users\User\.oracle_jre_usage 2015-11-02 15:34:46 -------- d-----w- C:\ProgramData\Oracle 2015-11-02 11:02:55 89B00565D0743398CF44CF838620A12E 42985 ----a-w- C:\ProgramData\1446462167.bdinstall.bin 2015-11-02 11:02:46 15EC0F6B570273F11C9E358541715436 257689 ----a-w- C:\ProgramData\1446461999.bdinstall.bin ====== C: exe-files == 2015-11-04 12:38:11 D6DF4A4D2598C5BC3067D884BE2D917F 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2053507290-4217072742-2159287795-1002\$IWIL3OR.exe 2015-11-04 12:38:11 BD52F4447975180D52CE40031502A4D1 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2053507290-4217072742-2159287795-1002\$I3203CG.exe 2015-11-04 12:38:11 7FF6D363384B80D0D81F919399E20F64 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2053507290-4217072742-2159287795-1002\$I46FE6F.exe 2015-11-04 12:38:11 494BA79CD77C3B1FB15742670DB06134 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2053507290-4217072742-2159287795-1002\$IO20MKZ.exe 2015-11-04 12:38:11 2E092CCF3DBFE73C1A309388637D4DFB 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2053507290-4217072742-2159287795-1002\$IFA2HDO.exe 2015-11-04 12:38:11 182EABF1D89BC234F0D6A6073D154665 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2053507290-4217072742-2159287795-1002\$IFC82UK.exe 2015-11-04 12:38:11 1227B4D1724BCDAF3148CAF085BD2269 544 ----a-w- 
C:\$Recycle.Bin\S-1-5-21-2053507290-4217072742-2159287795-1002\$I265UOF.exe 2015-11-04 12:38:11 113CBF020B051FCD0CC91CE2DA519698 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2053507290-4217072742-2159287795-1002\$IHADJS6.exe 2015-11-04 12:38:11 039BA99FB02D10D600B50004A9898EF1 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2053507290-4217072742-2159287795-1002\$I3Q79H8.exe 2015-11-03 15:29:01 5621E6C6E819502051966EE1A17E37CD 160256 ----a-w- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe 2015-11-03 15:29:01 1D999E4D9F06F921FD9E0924308F2428 2166784 ----a-w- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\uninstall\Setup.exe 2015-11-03 15:17:17 FCA0EFECD03B6ADD15CDA46E801BE332 37594216 ----a-w- C:\$Recycle.Bin\S-1-5-21-2053507290-4217072742-2159287795-1002\$R3Q79H8.exe 2015-11-03 12:01:42 49E3825ACB348F848D9B841E4D48FD3B 22908888 ----a-w- C:\$Recycle.Bin\S-1-5-21-2053507290-4217072742-2159287795-1002\$RO20MKZ.exe 2015-11-03 11:27:27 4FB7C0D5F0A89F826EA843E261B3B218 2816040 ----a-w- C:\$Recycle.Bin\S-1-5-21-2053507290-4217072742-2159287795-1002\$RHADJS6.exe 2015-11-03 11:25:10 56F1644FE430EBB656874EE8AB3E27A3 592800 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\000081d0\CoProc update.20110886.exe 2015-11-03 11:25:04 DBCE9BC36F0148F6C3991134BB9A62EC 371848 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\000063de\DRS update.13728286.exe 2015-11-03 11:18:47 F66726ADBCC20A2D1D6B31476B9BCA63 1021288 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe 2015-11-03 11:18:47 84E035225474E48CD3A6A3CE52332095 1258856 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 2015-11-03 11:18:47 7EFEC1D34620CC3714FB948CE6E2B56B 190312 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\WLMerger.exe 2015-11-03 10:32:33 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\User.exe 2015-11-03 10:31:30 8045ABB21A3BDD66A48E1ED5C0F0EF6A 
1222144 ----a-w- C:\Users\User\Desktop\RSITx64.exe 2015-11-03 10:17:46 7873C6482AEB63CFD10D2778FAB9429B 13824 ----a-w- C:\Windows\System32\ffnd.exe 2015-11-03 09:44:18 A8E13A1A6BF55BC385942B613BCDE214 2687418 ----a-w- C:\$Recycle.Bin\S-1-5-21-2053507290-4217072742-2159287795-1002\$RWIL3OR.exe 2015-11-03 09:40:54 0731DE9560A7C4E23141F2EE072CF210 23840808 ----a-w- C:\$Recycle.Bin\S-1-5-21-2053507290-4217072742-2159287795-1002\$R46FE6F.exe 2015-11-03 09:30:05 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 ----a-w- C:\Windows\SysWOW64\subinacl.exe 2015-11-02 16:34:17 78F2E300767EA8E0FB860586B8DE36AF 10467568 ----a-w- C:\$Recycle.Bin\S-1-5-21-2053507290-4217072742-2159287795-1002\$R3203CG.exe 2015-11-02 16:17:53 58C4020E384CA80088C16BD40BDE6C03 413816 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\SETUP.EXE 2015-11-02 16:17:34 6B245B7F96F901891636814B5A7A9088 938800 ----a-w- C:\Windows\System32\nvvsvc.exe 2015-11-02 16:17:32 E7BE4C42E40D82394087A8C7A3808435 62256 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvsmartmaxapp.exe 2015-11-02 16:17:32 AFCC681A173959A7B4025960DCD4E07E 62072 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvsmartmaxapp64.exe 2015-11-02 16:17:32 983DB56152EC98FDDD43987A23971533 2448176 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe 2015-11-02 16:17:31 7B82EF526EA14ED9252D23A6AB19A397 12738864 ----a-w- C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe 2015-11-02 16:17:31 648061F9712FA520B47F0291EAD1F732 1252984 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe 2015-11-02 16:17:31 409429E18E177E06F399EEB2E2EE5826 2857080 ----a-w- C:\Program Files\NVIDIA Corporation\Control Panel Client\NvGpuUtilization.exe 2015-11-02 15:55:02 D478B4DA29916F064D7AB92FE8D7AB81 422192 ----a-w- C:\Program Files\NVIDIA Corporation\NVSMI\nvidia-smi.exe 2015-11-02 15:55:01 935D0808B045B3D8DBFD394E8325FB34 392312 ----a-w- C:\Program Files\NVIDIA Corporation\NVSMI\nvdebugdump.exe 2015-11-02 
15:54:56 97DDB59E852E1FD1A6F3AF154AA112C4 841336 ----a-w- C:\Program Files\NVIDIA Corporation\NVSMI\MCU.exe 2015-11-02 15:54:56 9628B1202D594513D22CB429EEC43B8B 94908208 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{739C73EB-250E-4D1D-B4FC-66948B7305D7}\NvCplSetupInt.exe 2015-11-02 15:54:56 028ED92AC9D5EFCB26DADDBC9DC7773C 449144 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{739C73EB-250E-4D1D-B4FC-66948B7305D7}\dbInstaller.exe 2015-11-02 15:54:56 028ED92AC9D5EFCB26DADDBC9DC7773C 449144 ----a-w- C:\Program Files\NVIDIA Corporation\Drs\dbInstaller.exe 2015-11-02 15:49:09 5B886015E9D392FB2BFC2C93F7FF16F2 1872504 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{37079C45-724B-47DE-BBDC-B72835A8A14C}\NVNetworkService.exe 2015-11-02 15:42:35 3ABC35C11CC2273571B5A227B33266F1 301556840 ----a-w- C:\$Recycle.Bin\S-1-5-21-2053507290-4217072742-2159287795-1002\$RFA2HDO.exe 2015-11-02 15:33:13 1359A14B642DE38FEEC2A448BF8D281C 584288 ----a-w- C:\$Recycle.Bin\S-1-5-21-2053507290-4217072742-2159287795-1002\$R265UOF.exe 2015-11-02 11:30:07 B7B4656E0DB41DB4C677A324CC0F5DE5 6762072 ----a-w- C:\$Recycle.Bin\S-1-5-21-2053507290-4217072742-2159287795-1002\$RFC82UK.exe 2015-11-02 10:39:27 D72FEDAADF576BE2DBF7BE35DC6C78FC 1068705 ----a-w- C:\Program Files (x86)\System Ninja\unins000.exe 2015-10-31 07:36:44 B73982779EA83E73E8F6B9641EE72864 351373 ----a-w- C:\Program Files (x86)\Battlelog Web Plugins\uninstall.exe 2015-10-31 03:13:55 4D1243E4487FF2287B9C7FF5D0880CFB 525664 ----a-w- C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 3\Cleanup.exe 2015-10-31 03:13:38 CD421DDB5C6E5458CE52EDC36DE7DC5B 76152 ----a-w- C:\Windows\SysWOW64\PnkBstrA.exe 2015-10-31 03:13:38 1F438C2CB609CD58980CCF30355B97CD 280904 ----a-w- C:\Windows\SysWOW64\PnkBstrB.exe 2015-10-28 17:49:06 B89A82FB10E98F2FDF51FA82C7366DD3 1067736 ----a-w- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 2015-10-28 17:49:06 
A052067B947DBFBB65921D01E290DD15 404712 ----a-w- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe 2015-10-28 17:49:06 5DB2C6B908C50767E2EDAA294A7566B5 82128 ----a-w- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe === C: other files == 2015-11-03 17:06:40 810C9870745E6EDABF15D5671B1904A1 1441990 ----a-w- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\3ngvi4rr.default-1446543442242\extensions\uBlock0@raymondhill.net.xpi 2015-11-03 17:06:37 810C9870745E6EDABF15D5671B1904A1 1441990 ----a-w- C:\Users\User\AppData\Local\Temp\tmp-p4s.xpi 2015-11-03 17:05:48 3271B71AC50D563255B7B22A1BB50645 529519 ----a-w- C:\Users\User\AppData\Local\Temp\tmp-cbx.xpi 2015-11-03 16:35:04 2C7C9FF65751CA47BBD48EB7E1EC5025 15648 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.2\NVI2SystemService32.sys 2015-11-03 16:35:04 11052279D90E007DBF9900C3CD32548D 16672 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.2\NVI2SystemService64.sys 2015-11-03 16:34:20 63E694362D960985D420F66DC928F510 30056 ----a-w- C:\Windows\LastGood\system32\DRIVERS\nvpciflt.sys 2015-11-03 16:34:18 CA27780BA398595459262900BA3304CC 13464936 ----a-w- C:\Windows\LastGood\system32\DRIVERS\nvlddmkm.sys 2015-11-03 12:12:04 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2015-11-03 12:11:23 CFBC6C6D8A492697CABD1D353EE64933 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys 2015-11-03 12:11:23 42B3F5C9FBC9B3F0E0BA6B5D7FC8E849 109272 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2015-11-03 12:11:23 08DECFCB9BA97786165A69AB1015BC30 64216 ----a-w- C:\Windows\System32\drivers\mwac.sys 2015-11-03 11:40:00 D1FBD16E7BF09FEBC21758A7B261EBEB 962762 ----a-w- C:\Users\User\AppData\Local\Temp\tmp-csr.xpi 2015-11-03 11:17:47 2C7C9FF65751CA47BBD48EB7E1EC5025 15648 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2SystemService32.sys 2015-11-03 11:17:47 11052279D90E007DBF9900C3CD32548D 16672 
----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2SystemService64.sys 2015-11-03 11:17:10 2464570B44EAC56308669A04FBA1CD81 31352 ----a-w- C:\Windows\LastGood.Tmp\system32\DRIVERS\nvpciflt.sys 2015-11-03 11:17:07 36BAB895547EA82892292F05FA02142E 11114616 ----a-w- C:\Windows\LastGood.Tmp\system32\DRIVERS\nvlddmkm.sys 2015-11-03 09:48:57 3271B71AC50D563255B7B22A1BB50645 529519 ----a-w- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\3ngvi4rr.default-1446543442242\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi 2015-11-03 09:37:32 3271B71AC50D563255B7B22A1BB50645 529519 ----a-w- C:\Users\User\Desktop\oude firefox-gegevens\47gowx91.default-1418249851689\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi 2015-11-03 09:37:32 2BA622150713CF5B6345109F521C282D 1117761 ----a-w- C:\Users\User\Desktop\oude firefox-gegevens\47gowx91.default-1418249851689\extensions\stefanvandamme@stefanvd.net.xpi 2015-11-03 09:37:32 27E83420ADCD2C2196E2C8E6BC0FF415 153412 ----a-w- C:\Users\User\Desktop\oude firefox-gegevens\47gowx91.default-1418249851689\extensions\mytube@ashishmishra.in.xpi 2015-11-02 16:37:30 C2A9985C97DF5946AEAE7C001625410C 44840 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{5A426FC8-D14A-42ED-9C01-0D91EF148DC8}\nvvad32v.sys 2015-11-02 16:37:30 35DFC12FD7E44B7CB8CCD7E5A2B3975A 50472 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{5A426FC8-D14A-42ED-9C01-0D91EF148DC8}\nvvad64v.sys 2015-11-02 16:17:54 2C7C9FF65751CA47BBD48EB7E1EC5025 15648 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2SystemService32.sys 2015-11-02 16:17:54 11052279D90E007DBF9900C3CD32548D 16672 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2SystemService64.sys 2015-11-02 15:55:23 9D9CAD70EA640AB8D3EB77BFAE6CABE2 28344 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{01EC9083-EDCA-4463-A691-3180EF64DF45}\NVSWCFilter64.sys 
2015-11-02 15:55:23 7ABD081BB7A1A8CF7E3B1E64183AB812 24760 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{01EC9083-EDCA-4463-A691-3180EF64DF45}\NVSWCFilter32.sys
2015-11-02 15:55:02 36BAB895547EA82892292F05FA02142E 11114616 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys
2015-11-02 15:55:02 2464570B44EAC56308669A04FBA1CD81 31352 ----a-w- C:\Windows\System32\drivers\nvpciflt.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2053507290-4217072742-2159287795-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"f.lux"="C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe /noshow"
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"ASUSWebStorage"="C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S"
"ConnectionCenter"="C:\Program Files (x86)\Citrix\ICA Client\concentr.exe /startup"
"Redirector"="C:\Program Files (x86)\Citrix\ICA Client\redirector.exe /startup"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"f.lux"="C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe /noshow"
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\ProgramData\\Zitenop\\Sannix.dll, C:\\WINDOWS\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"
"Persistence"="C:\WINDOWS\system32\igfxpers.exe"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"BtTray"="C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
"BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"ACMON"="C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"Classic Start Menu"="C:\Program Files\Classic Shell\ClassicStartMenu.exe -autorun"
"InstallerLauncher"="C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe /run:C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\WINDOWS\\system32\\nvinitx.dll"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeFlashPlayerUpdateSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Origin Client Service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Sony PC Companion]

==== Startup Folders ======================

2014-11-21 09:17:32 2669 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [16-10-2015 22:28]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [10-03-2015 09:01]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- [Undetermined Task]
C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 824ed4af-72c5-4a99-adb6-18c9015dc404.job --a-------- C:\Program Files\SUPERAntiSpyware\SASTask.exe [07-11-2013 21:08]
C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task e42ead35-b99e-41ab-9fe7-b40519533d86.job --a-------- C:\Program Files\SUPERAntiSpyware\SASTask.exe [07-11-2013 21:08]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\ASUS InstantOn Config" [C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe]
"C:\WINDOWS\SysNative\tasks\ASUS P4G" [C:\Program Files\ASUS\P4G\BatteryLife.exe]
"C:\WINDOWS\SysNative\tasks\ASUS Touchpad Launcher (x64)" [C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe]
"C:\WINDOWS\SysNative\tasks\ASUS USB Charger Plus" ["C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"]
"C:\WINDOWS\SysNative\tasks\ATK Package 36D18D69AFC3" ["C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe"]
"C:\WINDOWS\SysNative\tasks\ATK Package A22126881260" ["C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe"]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\SUPERAntiSpyware Scheduled Task 824ed4af-72c5-4a99-adb6-18c9015dc404" [C:\Program Files\SUPERAntiSpyware\SASTask.exe]
"C:\WINDOWS\SysNative\tasks\SUPERAntiSpyware Scheduled Task e42ead35-b99e-41ab-9fe7-b40519533d86" [C:\Program Files\SUPERAntiSpyware\SASTask.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{21BF6A5B-5CB4-4E64-99AA-5643D78C76E4}" [C:\WINDOWS\system32\msfeedssync.exe]

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"DSE"="true" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\3ngvi4rr.default-1446543442242
- Undetermined - %ProfilePath%\extensions\uBlock0@raymondhill.net.xpi
- Adblock Edge - %ProfilePath%\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\3ngvi4rr.default-1446543442242
30F232783820C8146F8A050F9E2F5D1D - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1220162.dll - Shockwave for Director / Shockwave for Director
863AF0003392FEBC2667A8A790DED955 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll - Shockwave Flash

==== Chromium Look ======================

Google Chrome Version: 46.0.2490.80

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ihenkjeihefokohmemphikjnjbmegdik - \C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx\[]

Google Slides - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
AdBlock - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Chrome Web Store Payments - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Battlefield Play4Free - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh
Ferret - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\padcapdkhelngdelppbbjmkmkfceoikg
Gmail - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{CD76A34F-CDFE-4B5C-957A-361536AA1493} Bing Url="http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\ED77BE5C789DA434DB25DEDB12DDD18A deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ihenkjeihefokohmemphikjnjbmegdik deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C5EB77DE-D987-434A-BD52-EDBD21DD1DA8} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\ED77BE5C789DA434DB25DEDB12DDD18A deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [Redirector] "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [f.lux] "C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: vpngui.exe.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\ProgramData\Zitenop\Sannix.dll, C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update service - Unknown owner - C:\Program Files (x86)\Popcorn Time\Updater.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\User\AppData\Local\Mozilla\Firefox\Profiles\3ngvi4rr.default-1446543442242\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1112 folders=159 222842506 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Users\User\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\User\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Program Files (x86)\Popcorn Time\init.txt" not found
"C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" deleted
"C:\Program Files (x86)\Popcorn Time" not found

==== EOF on wo 04-11-2015 at 17:52:16,38 ======================