Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Brian on di 01-03-2016 at 13:30:57,94. Microsoft Windows 10 Home 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: O:\IE Downloads\Firefox\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 1-3-2016 13:31:27 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~3\Synology deleted successfully C:\Users\Brian\AppData\Local\ActiveSync deleted successfully C:\Users\Brian\AppData\Local\NetworkTiles deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Program Files (x86)\BootRacer\BootRacerServ.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe C:\Program Files (x86)\Popcorn Time\Updater.exe P:\Synology\Assistant\UsbClientService.exe P:\Teamviewer10\TeamViewer_Service.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Secunia\PSI\PSIA.exe P:\Teamviewer10\TeamViewer.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe P:\Teamviewer10\tv_w32.exe T:\Winbar\WinBar.exe C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Secunia\PSI\psi_tray.exe T:\Samsung Magician\Samsung Magician.exe p:\teamviewer10\TeamViewer_Desktop.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O:\IE Downloads\Firefox\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\Program Files (x86)\Common 
Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Reader_sl.exe ==== Deleting Services ====================== ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 16291 MB CPU Info: Intel(R) Core(TM) i5-4690 CPU @ 3.50GHz CPU Speed: 3498,7 MHz Sound Card: Luidsprekers (3- Bose USB Audio | Realtek Digital Output (Realtek | Display Adapters: NVIDIA GeForce GT 730 | NVIDIA GeForce GT 730 | NVIDIA GeForce GT 730 Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1680 X 1050 - 32 bit Network: Network Present Network Adapters: Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (D: | ) D: hp DVD RW AD-7251H5 Ports: COM1 LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 209,2GB | O: 540,9GB | P: 293,0GB | T: 97,7GB Hard Disks - Free: C: 160,6GB | O: 533,6GB | P: 292,2GB | T: 96,6GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 06/03/15 | ALASKA - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: ASUSTeK COMPUTER INC. 
B85-PLUS Country: Nederland Language: NLD ==== System Specs (Software) ====================== Default Browser: Firefox 44.0.2 Internet Explorer Version: 11.103.10586.0 Mozilla Firefox version: 44.0.2 (x86 nl) Adobe Reader version: 15.10.20056.167417 Sun Java version: 1.8.0_73 (32-bit) Sun Java version: 1.8.0_73 (64-bit) Flash Player version: 20.0.0.306 Shockwave Player version: 12.2.1r171 ==== Files Recently Created / Modified ======================
==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-1778768322-595465748-2038507635-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background" "WinBar (x86)"="T:\Winbar\WinBar.exe" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "Google Update"="C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe /c" "BitTorrent"="C:\Users\Brian\AppData\Roaming\BitTorrent\BitTorrent.exe /MINIMIZED" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LWS"="P:\Logitech\LWS\Webcam Software\LWS.exe -hide" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background" "WinBar (x86)"="T:\Winbar\WinBar.exe" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "Google Update"="C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe /c" "BitTorrent"="C:\Users\Brian\AppData\Roaming\BitTorrent\BitTorrent.exe /MINIMIZED" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BootRacer"="C:\Program Files (x86)\BootRacer\Bootrace.exe /2" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch" "IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60" "iTunesHelper"="T:\iTunes\iTunesHelper.exe" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"="C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BootRacer"="C:\Program Files (x86)\BootRacer\Bootrace.exe /2" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\asComSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bonjour Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MBAMService] ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 
[10-02-2016 15:59] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\ACC" [C:\Program Files\DriverSetupUtility\FUB\FUB_Send.bat] "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["P:\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\CreateExplorerShellUnelevatedTask" [C:\WINDOWS\explorer.exe] "C:\WINDOWS\SysNative\tasks\SamsungMagician" ["T:\Samsung Magician\Samsung Magician.exe"] "C:\WINDOWS\SysNative\tasks\Tweaking.com - Windows Repair Tray Icon" [T:\\WR_Tray_Icon.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{A6E02282-B74B-4878-B246-BE3C8D2FC6D4}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\{010D2214-1FC7-4C1E-959D-5F6C2DC88CEF}" ["c:\program files (x86)\mozilla firefox\firefox.exe"] "C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\odhqtxrl.default user_pref("browser.startup.homepage", "www.google.nl"); user_pref("browser.newtab.url", "about:newtab"); ==== Firefox Extensions ====================== ProfilePath: C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\odhqtxrl.default - YouTube Video and Audio Downloader - %ProfilePath%\extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi - YouTube AdBlock - %ProfilePath%\extensions\jid1-w4wG5nJhx4LJZr@jetpack.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - 
%AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\odhqtxrl.default 9F9E2E37C8455FCC7E2716E3AFD3EF88 - P:\Vlc Player\VLC\npvlc.dll - VLC Web Plugin 88041A1D3DB193614C1DD264CDD7417E - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1221171.dll - Shockwave for Director / Shockwave for Director 6FE651F6E3025AD51CC1D54913AEEADC - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll - Shockwave Flash AF8A94BCB98C299C49B28CC12EBC0ED2 - C:\Users\Brian\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll - Google Update ==== Chromium Look ====================== Chrome Web Store Payments - Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Google Docs - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf TV - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh YouTube - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Facebook - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm Pool - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cedbddnnmhgnedpamoenmdkhnpnfbpjb RTL XL Downloader - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjpokhlejjnkfhmibeehgdlmcaldonni Google Search - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf 3D Table Tennis - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\eceoimpjbncjmhghmhfpmbkkkgkkchen Tetriz Challenge - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\emidddocikgklceeeifefomdnbkldhng Google Sheets - 
Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap This information is used only for diagnosing the problem you are reporting is available only to someone investigating your report and is retained for no more than 30 days. - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp Google Docs Offline - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi AdBlock - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Google Maps - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh Chrome Web Store Payments - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Teletekst - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\noblnklnhglbnfomoipgcidnbpdjfbom Background Tab - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic 3D Bomb Destroyer - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okehlnjpihomkdokiiafpejniofjaoom Uitzending Gemist Downloader - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\onogpacodgjlaoicjnmbfnigmbojmnlc TeamViewer - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oooiobdokpcfdlahlmcddobejikcmkfo Gmail - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Chrome Media Router (Canary) - Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://google.nl/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://google.nl/" ==== All HKLM and HKCU SearchScopes ====================== 
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value ==== HijackThis Entries ====================== O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - P:\Evernote\EvernoteIE.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll O4 - HKLM\..\Run: [LWS] P:\Logitech\LWS\Webcam Software\LWS.exe -hide O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [WinBar (x86)] T:\Winbar\WinBar.exe O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Brian\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED O4 - HKLM\..\Policies\Explorer\Run: [BootRacer] "C:\Program Files (x86)\BootRacer\Bootrace.exe" /2 O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] 
C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O4 - Startup: EvernoteClipper.lnk = P:\Evernote\EvernoteClipper.exe O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Afbeelding knippen - P:\Evernote\\EvernoteIERes\Clip.html?clipAction=4 O8 - Extra context menu item: Afbeelding opnemen - P:\Evernote\EvernoteIERes\Clip.html?clipAction=4 O8 - Extra context menu item: Bladwijzer knippen - P:\Evernote\EvernoteIERes\Clip.html?clipAction=0 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Kopieer selectie - P:\Evernote\EvernoteIERes\Clip.html?clipAction=3 O8 - Extra context menu item: Kopieer URL - P:\Evernote\\EvernoteIERes\Clip.html?clipAction=0 O8 - Extra context menu item: Nieuwe notitie - P:\Evernote\EvernoteIERes\NewNote.html O8 - Extra context menu item: Pagina opemen - P:\Evernote\EvernoteIERes\Clip.html?clipAction=1 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - 
C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: @P:\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - P:\Evernote\\EvernoteIERes\AddNote.html O9 - Extra 'Tools' menuitem: @P:\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - P:\Evernote\\EvernoteIERes\AddNote.html O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://help.eset.com (HKLM) O15 - ESC Trusted Zone: http://help.eset.com (HKLM) O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device Service - Apple Inc. 
- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BootRacerServ - Greatis Software, LLC - C:\Program Files (x86)\BootRacer\BootRacerServ.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - P:\Teamviewer10\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Update service - Popcorn Time - C:\Program Files (x86)\Popcorn Time\Updater.exe
O23 - Service: UsbClientService - Unknown owner - P:\Synology\Assistant\UsbClientService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Silent Runners ======================

==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Brian\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Brian\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Brian\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Brian\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================
C:\Users\Brian\AppData\Local\Mozilla\Firefox\Profiles\odhqtxrl.default\cache2 emptied successfully

==== Empty Chrome Cache ======================
C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Brian\AppData\Local\Google\Chrome SxS\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
No Flash Cache Found

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=0 folders=0 0 bytes)

==== Empty Temp Folders ======================
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\Brian\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on di 01-03-2016 at 13:45:29,66 ======================