Zoek.exe v5.0.0.0 Updated 22-February-2015 Tool run by Beast on ma 23/02/2015 at 7:43:32,02. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Beast\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 23/02/2015 7:44:32 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\dumps deleted successfully C:\PROGRA~2\R.G. Catalyst deleted successfully C:\PROGRA~3\BlueStacks deleted successfully C:\PROGRA~3\ZoomBrowser deleted successfully C:\Users\Beast\AppData\Roaming\Hotline Miami deleted successfully C:\Users\Beast\AppData\Roaming\ISP Monitor deleted successfully C:\Users\Beast\AppData\Roaming\ZoomBrowser EX deleted successfully C:\Users\Beast\AppData\Local\Adobe deleted successfully C:\Users\Beast\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3473739808-715647190-2127078386-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully HKEY_USERS\S-1-5-21-3473739808-715647190-2127078386-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully HKEY_CLASSES_ROOT\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files 
(x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Users\Beast\AppData\Local\Mixesoft\AppNHost\appnhost.exe C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine 
Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Beast\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "20150107"=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\dumps not found C:\PROGRA~2\R.G. Catalyst not found C:\PROGRA~2\Temp deleted C:\PROGRA~2\Uninstall Information deleted C:\Users\Beast\AppData\Roaming\All CPU MeterV3_Settings.ini deleted C:\Users\Beast\AppData\Roaming\GPU MeterV2_Settings.ini deleted C:\PROGRA~3\InstallMate deleted C:\PROGRA~3\Package Cache deleted C:\Windows\SysNative\config\systemprofile\Searches deleted ==== System Specs ====================== Windows: Windows 7 Professional Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 8149 MB CPU Info: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz CPU Speed: 3490,5 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | SAMSUNG-4 (NVIDIA High Definiti | Realtek Digital Output(Optical) | Display Adapters: NVIDIA GeForce GTX 770 | NVIDIA GeForce GTX 770 | NVIDIA GeForce GTX 770 | NVIDIA GeForce GTX 770 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Dell U2312HM DVI | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Intel(R) Ethernet Connection I217-V CD / DVD Drives: 2x (D: | G: | ) D: TSSTcorpCDDVDW SH-224DB | G: DTSOFT BDROM Ports: COM1 LPT Port NOT Present. 
Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 223,5GB | E: 1863,0GB | F: 1863,0GB Hard Disks - Free: C: 89,6GB | E: 270,4GB | F: 439,0GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 05/16/13 | ALASKA - 1072009 Time Zone: Romance (standaardtijd) Motherboard *: Gigabyte Technology Co., Ltd. Z87X-D3H-CF Country: België Language: NLB ==== System Specs (Software) ====================== Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: avast! Antivirus disabled (Outdated) Default Browser: Google Chrome 40.0.2214.115 Internet Explorer version: 8.0.7601.17514 Google Chrome version: 40.0.2214.115 Flash Player version: 16.0.0.305 ==== Files Recently Created / Modified ======================
====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-02-22 19:45:47 -------- d-----w- C:\Program Files\Common Files\Services 2015-02-22 19:28:21 -------- d-----w- C:\Program Files\SUPERAntiSpyware 2015-02-22 11:28:11 -------- d-----w- C:\Program Files\trend micro 2015-02-12 16:45:31 -------- d-----w- C:\Program Files\Microsoft Silverlight 2015-02-02 19:34:17 -------- d-----w- C:\Program Files\Unlocker ======= C:\PROGRA~2 ===== 2015-02-12 16:45:31 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight 2015-01-25 12:53:32 -------- d-----w- C:\PROGRA~2\R.G. Mechanics ======= C: ===== 2015-02-22 00:40:33 9FA97E4D056A0CA92294B740A7E14C11 3296 ------w- C:\bootsqm.dat ====== C:\Users\Beast\AppData\Roaming ====== 2015-02-22 19:28:46 -------- d-----w- C:\Users\Beast\AppData\Roaming\SUPERAntiSpyware.com 2015-02-22 14:00:43 -------- d-----w- C:\Users\Beast\AppData\Local\Mixesoft 2015-02-22 13:18:41 7A16DB1A910D4FBF4072C06AF01C1547 58016 ----a-w- C:\Users\Beast\AppData\Local\GDIPFONTCACHEV1.DAT 2015-02-02 19:34:17 -------- d-----w- C:\Users\Beast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2015-02-01 16:23:54 -------- d-----w- C:\Users\Beast\AppData\Roaming\Bioshock2Steam 2015-02-01 16:23:06 -------- d-----w- C:\Users\Beast\AppData\Roaming\BioShock 2 2015-01-25 13:02:01 -------- d-----w- C:\Users\Beast\AppData\Roaming\Steam ====== C:\Users\Beast ====== 2015-02-22 20:46:28 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Beast\Downloads\RSITx64.exe 2015-02-22 20:32:22 -------- d-----w- C:\ProgramData\HitmanPro 2015-02-22 19:28:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2015-02-22 19:28:21 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com 2015-02-22 12:52:57 BCBB7C0CD9696068988953990EC5BD11 292184 ----a-w- C:\Users\Beast\Downloads\dxwebsetup.exe 2015-02-22 11:30:06 4DB5909D450AE68CC11DC865B9B84F71 2126848 ----a-w- C:\Users\Beast\Downloads\adwcleaner_4.111.exe 
2015-02-19 18:18:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LIMBO 2015-02-19 16:42:30 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2015-02-13 22:36:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2015-02-12 16:45:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-02-06 20:04:45 -------- d-----w- C:\Users\Public\Documents\STALKER-SHOC 2015-02-01 16:23:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics ====== C: exe-files == === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3473739808-715647190-2127078386-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun" "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" "appnhost"="C:\Users\Beast\AppData\Local\Mixesoft\AppNHost\appnhost.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun" "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" "appnhost"="C:\Users\Beast\AppData\Local\Mixesoft\AppNHost\appnhost.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "Start WingMan Profiler"="C:\Program Files\Logitech\Gaming 
Software\LWEMon.exe /noui" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ConduitFloatingPlugin_lcnnhcneegeeojhgpfijnlnocjdmlaon] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ConduitFloatingPlugin_lcnnhcneegeeojhgpfijnlnocjdmlaon" "hkey"="HKCU" "command"="\"C:\\Windows\\SysWOW64\\Rundll32.exe\" \"C:\\Users\\Beast\\AppData\\Roaming\\ValueApps\\CH\\TBVerifier.dll\",RunConduitFloatingPlugin lcnnhcneegeeojhgpfijnlnocjdmlaon" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GarminExpressTrayApp] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GarminExpressTrayApp" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Garmin\\Express Tray\\ExpressTray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OscarEditor] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="OscarEditor" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\MOUSE Editor\\MouseEditor.exe\" Minimum" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PMBVolumeWatcher] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PMBVolumeWatcher" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Sony\\PlayMemories Home\\PMBVolumeWatcher.exe" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [06/02/2015 20:07] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09/11/2013 21:27] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09/11/2013 21:27] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" 
[C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [23/02/2015 07:39]

==== Chromium Look ======================

Google Chrome Version: 40.0.2214.115 (Up to date, latest Stable version: 40.0.2214.115)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[13/11/2014 17:36]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
dhdgffkkebhmkfjojejmpbldmpobfkfo - No path found[]

Magic Actions for YouTube - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif
UsernameEmail - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\afkccfnochoebimhhniekgcegeeiepmi
Awesome Screenshot: Capture Annotate - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce
WOT - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp
selector is not a valid CSS selector - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Tampermonkey - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo
Right-Click Search Wikipedia - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\eikmpmafdimllogceehaijmnlndineje
SimpleUndoClose - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhohdghchmjepmigjojkehidlielknj
HTTPS Everywhere - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp
Shield For Chrome - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\gceighgadbamgchioaofojlblndjcggh
Web Timer - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggnjbdfgigejghknieofeahaknkjafim
ClickClean - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod
Avast Online Security - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Hover Free - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcmnnggnaofmhflgomfjfbndngdoogkj
IE Tab - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd
Social Fixer for Facebook - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb
AutoPagerize - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igiofjhpmpihnifddepnpngfjhkfenbp
Disconnect - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo
View Thru - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkncfnbcgbclefkbknfdbngiegdppgdd
Downloader - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp
Currency Converter - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lncdobdbibdgoiohgnflmjajfphcnakg
Google Dictionary (by Google) - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja
Google Wallet - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Personal Blocklist (by Google) - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\nolijncfnkgaikbjbdaogikpmpbdcdef
Virtual Keyboard - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflmllfnnabikmfkkaddkoolinlfninn

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Beast\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Beast\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\61fddc63-1f8d-46ab-a793-de430307e890 deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [appnhost] C:\Users\Beast\AppData\Local\Mixesoft\AppNHost\appnhost.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Beast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Beast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Beast\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=26 folders=20 47264923 bytes)

==== Empty Temp Folders ======================

C:\Users\Beast\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot