Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Badir on za 09/04/2016 at 13:47:58,51. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\badir_000\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 9/04/2016 13:49:55 Zoek.exe System Restore Point Created Successfully. ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== µTorrent Adobe AIR Adobe Flash Player 21 NPAPI Adobe Flash Player 21 PPAPI Adobe Shockwave Player 12.1 Apple Application Support Apple Mobile Device Support Apple Software Update Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver Avast Premier AVG 2015 AVS Audio Editor 7.2 Belgisch (punt) - New Belgium e-ID middleware 4.1.13 (build 1717) BlueStacks App Player BlueStacks Notification Center BS.Player FREE CamStudio 2.7.2 Canon MP520 series CyberGhost 5 D3DX10 DAEMON Tools Lite Dropbox Facebook Video Calling 3.1.0.521 Google Chrome Google Earth Google Update Helper Grand Theft Auto IV Grand Theft Auto IV v1.0 / RePack by Baracuda Greenshot 1.2.4.10 GTA IV Vehicle Mod Installer v1.2 GTA San Andreas HyperCam 3 iExplorer 3.2.5.3 iFunbox (v2.6.2375.747), iFunbox DevTeam Intel AppUp(SM) center Intel(R) Management Engine Components Intel(R) Processor Graphics Intel(R) Rapid Storage Technology Intel(R) SDK for OpenCL - CPU Only Runtime Package Intel® Trusted Connect Service Client iTunes Java 8 Update 77 Java Auto Updater KeyTweak - Keyboard Remapper (remove only) Lenovo EasyCamera Lenovo OneKey Recovery Lenovo pointing device Lenovo PowerDVD10 Lenovo Solution Center Lenovo YouCam Malwarebytes Anti-Malware versie 2.2.1.1043 ManyCam 4.0.109 Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) Microsoft Application Error Reporting Microsoft Games for Windows - 
LIVE Redistributable Microsoft Keyboard Layout Creator 1.4 Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 365 - nl-nl Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft SkyDrive Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft 
Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Movie Maker Mozilla Firefox 26.0 (x86 nl) Mozilla Firefox 45.0.1 (x86 nl) Mozilla Maintenance Service MSVCRT MSVCRT110 MSVCRT110_amd64 Nitro Pro 8 NVIDIA-configuratiescherm 347.88 NVIDIA GeForce Experience 2.4.1.21 NVIDIA GeForce Experience Service NVIDIA Grafisch stuurprogramma 347.88 NVIDIA Install Application NVIDIA LED Visualizer 1.0 NVIDIA Network Service NVIDIA Optimus Update 2.4.1.21 NVIDIA PhysX NVIDIA PhysX systeemsoftware 9.14.0702 NVIDIA ShadowPlay 2.4.1.21 NVIDIA Update 2.4.1.21 NVIDIA Update Core NVIDIA Virtual Audio 1.2.27 Office 15 Click-to-Run Extensibility Component Office 15 Click-to-Run Licensing Component Office 15 Click-to-Run Localization Component OpenOffice 4.1.0 Opera Stable 36.0.2130.46 Paint.NET v3.5.11 Pcsx2 0.9.6 Photo Common Photo Gallery Popcorn Time CE YIFY Power2Go PowerISO Qualcomm Atheros Bluetooth Suite (64) Qualcomm Atheros Client Installation Program QuickTime Realtek USB 2.0 Card Reader RMP4 RSCC Safari SafeZone Stable 1.46.1990.139 San Andreas Mod Installer Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for 
Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2984939) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956106) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956107) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2956103) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2899580) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2956109) 32-Bit Edition Shared C Run-time for x64 SharpKeys SHIELD Streaming SHIELD Wireless Controller Driver Skype Click to Call SkypeT 6.18 Stuurprogrammapakket voor Windows - Fedict SmartCard (08/08/2015 4.1.5) Subtitle Edit 3.4.4 SugarSync Manager swMSM System Requirements Lab Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD TAP-Windows 9.9.2 TeamViewer 9 Uninstall Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition Update for Microsoft Office 2007 
suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2920794) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2956104) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) UserGuide VLC media player 2.1.1 Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack WinPcap 4.1.3 WinRAR 5.00 (32-bit) Wondershare Dr.Fone voor iOS(Build 6.7.2.2) x64crt x86crt ==== Running Processes ====================== C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files\AVAST Software\Avast\afwServ.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files 
(x86)\TeamViewer\Version9\TeamViewer_Service.exe C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe C:\Program Files (x86)\USB Camera\VM331STI.EXE C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Users\badir_000\Desktop\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\windows\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\AVG Web TuneUp not found C:\ProgramData\AVG not found C:\Program Files (x86)\AVG not found C:\ProgramData\AVG Web TuneUp not found C:\Program Files\AVG Web TuneUp not found "C:\WINDOWS\Reimage.ini" not found ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 8058 MB CPU Info: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz CPU Speed: 2202,5 MHz Sound Card: Speakers (Conexant SmartAudio H | Display Adapters: Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | NVIDIA GeForce 710M Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | TAP-Windows Adapter V9 | Bluetooth-apparaat (Personal Area Network) | Qualcomm Atheros AR8162/8166/8168 PCI-E Fast Ethernet-controller (NDIS 6.30) | Qualcomm Atheros AR9485WB-EG Wireless-netwerkadapter CD / DVD Drives: 2x (E: | F: | ) E: HL-DT-STDVDRAM GT80N | F: DTSOFT BDROM Ports: COM3 LPT Port NOT Present. 
Mouse: 2 Button Mouse Present Hard Disks: C: 883,7GB | D: 25,0GB Hard Disks - Free: C: 684,5GB | D: 24,9GB Manufacturer *: LENOVO BIOS Info: AT/AT COMPATIBLE | | LENOVO - 1 Time Zone: West-Europa (standaardtijd) Motherboard *: LENOVO INVALID Country: België Language: NLB ==== System Specs (Software) ====================== AV: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} Default Browser: Firefox 45.0.1 Internet Explorer Version: 11.0.9600.17690 Mozilla Firefox version: 26.0 (x86 nl) Google Chrome version: 46.0.2471.2 Sun Java version: 1.8.0_77 (32-bit) Sun Java version: 1.8.0_77 (64-bit) Flash Player version: 21.0.0.213 Shockwave Player version: 12.1.9r160 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2016-04-08 17:36:28 748D1F5A0495A1AA9D44FB51B4C13271 43112 ----a-w- C:\WINDOWS\avastSS.scr ====== C:\Users\BADIR_~1\AppData\Local\Temp ==== 2016-04-09 11:12:51 36B826BEA2BBE7A1A5606F827F2E31E1 1330216 ----a-w- C:\Users\badir_000\AppData\Local\Temp\opera autoupdate\installer.exe ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2016-04-08 17:36:46 C514A8F4AC22AFAFE54B7CA515BBEAE2 386096 ----a-w- C:\WINDOWS\Sysnative\aswBoot.exe ====== C:\WINDOWS\Sysnative\drivers ===== 2016-04-08 17:36:57 E46B51C99BB750A81AC6A68362475A5C 65224 ----a-w- C:\WINDOWS\Sysnative\drivers\aswRvrt.sys 2016-04-08 17:36:57 D9079E1A1C2A1F8ED5F37AF8E6CD3161 155304 ----a-w- C:\WINDOWS\Sysnative\drivers\aswStm.sys 2016-04-08 17:36:57 7BC1F2FC2A9D79E1EBBBF6D69AC3BA1F 28656 ----a-w- C:\WINDOWS\Sysnative\drivers\aswHwid.sys 2016-04-08 17:36:57 
68E76C1675AC171A84F5B7230652E19D 97648 ----a-w- C:\WINDOWS\Sysnative\drivers\aswmonflt.sys 2016-04-08 17:36:57 619CA9F210F0F36F8162E5B7BFDDA5CD 464256 ----a-w- C:\WINDOWS\Sysnative\drivers\aswsp.sys 2016-04-08 17:36:57 42AE0F2BF37CE46EB01A753F96FCC9B8 28144 ----a-w- C:\WINDOWS\Sysnative\drivers\aswKbd.sys 2016-04-08 17:36:57 3BEC32A0B646D914921FD56AA39998C1 273784 ----a-w- C:\WINDOWS\Sysnative\drivers\aswVmm.sys 2016-04-08 17:36:57 2D6B49A071216796106E7804AB2BA7DC 93528 ----a-w- C:\WINDOWS\Sysnative\drivers\aswRdr2.sys 2016-04-08 17:36:57 01487B49CC9289D7A1DADAD6A9A2C02F 1065720 ----a-w- C:\WINDOWS\Sysnative\drivers\aswsnx.sys 2016-04-08 17:36:22 E017E15F8EFD7675976743A8FBECCEBB 466400 ----a-w- C:\WINDOWS\Sysnative\drivers\aswNdisFlt.sys ====== C:\WINDOWS\Tasks ====== 2016-04-08 21:29:21 FDE651476E1B8C39CAEAE355AF95FA4B 1002 ----a-w- C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job 2016-04-08 21:29:21 D121B449D881F53C34287DEE1FEFA1F4 3964 ----a-w- C:\WINDOWS\Sysnative\Tasks\Adobe Flash Player PPAPI Notifier 2016-04-08 17:38:01 89ACE5CCCF9DED4E7EA39CEB15B9EB00 3020 ----a-w- C:\WINDOWS\Sysnative\Tasks\SafeZone scheduled Autoupdate 1460137075 2016-04-08 17:37:09 730DF340C126665F83BBC371A082559D 4182 ----a-w- C:\WINDOWS\Sysnative\Tasks\avast! 
Emergency Update ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-04-08 22:39:48 -------- d-----w- C:\Program Files\trend micro 2016-04-07 16:47:25 -------- d-----w- C:\Program Files\TotalSystemCare ======= C:\PROGRA~2 ===== 2016-04-09 11:46:15 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2016-04-08 10:51:08 -------- d-----w- C:\PROGRA~2\COMMON~1\AV 2016-04-07 16:16:14 -------- d-----w- C:\PROGRA~2\Registry Recycler 2016-04-05 20:22:53 -------- d-----w- C:\PROGRA~2\Razer ======= C: ===== 2016-04-09 11:03:46 6BC96D928256EEFAB908771018F45FFA 213 ----a-w- C:\folders.txt ====== C:\Users\badir_000\AppData\Roaming ====== 2016-04-09 11:45:53 -------- d-----w- C:\Users\badir_000\AppData\Roaming\Sun 2016-04-09 11:44:53 -------- d-----w- C:\Users\badir_000\AppData\Locallow\Oracle 2016-04-09 11:05:22 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp 2016-04-09 11:05:22 -------- d-----w- C:\Users\sabri_000\AppData\Local\Temp 2016-04-09 11:05:21 -------- d-----w- C:\Users\rahma\AppData\Local\Temp 2016-04-09 11:05:21 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2016-04-09 11:05:21 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2016-04-09 11:05:21 -------- d-----w- C:\Users\badir_000\AppData\Local\Temp 2016-04-08 10:46:22 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\AvgSetupLog 2016-04-08 10:46:16 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Avg 2016-04-08 10:43:38 -------- d-----w- C:\Users\badir_000\AppData\Local\AvgSetupLog 2016-04-08 10:43:17 -------- d-----w- C:\Users\badir_000\AppData\Local\Avg2015 2016-04-05 20:30:36 -------- d-----w- C:\Users\badir_000\AppData\Local\CEF 2016-03-24 15:41:06 -------- d-----w- C:\Users\badir_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-03-19 20:07:29 -------- d-----w- C:\Users\badir_000\AppData\Locallow\uTorrent ====== C:\Users\badir_000 ====== 2016-04-09 11:45:53 -------- d-----w- 
C:\Users\badir_000\.oracle_jre_usage 2016-04-09 11:44:28 D1EF346FCC831DA86AE64F9CBBBC6DE0 734784 ----a-w- C:\Users\badir_000\Downloads\jxpiinstall.exe 2016-04-08 22:39:01 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\badir_000\Desktop\RSITx64.exe 2016-04-08 16:08:01 76ADA19FB074F9AB91D37A10C3D0A143 5920344 ----a-w- C:\Users\badir_000\Downloads\Avast Crack 2016 Till 2050_ Avast Antivirus License Key.exe 2016-04-08 15:26:56 7079B8A6DD85565FEC3E6F039942C75E 208098128 ----a-r- C:\Users\Public\Desktop\avast_premier_antivirus_setup.exe 2016-04-08 13:16:08 D014D9560CD7DB184C01BAE53E766C1A 3480040 ----a-w- C:\Users\badir_000\Downloads\MCPR.exe 2016-04-08 10:45:42 AB51109EDB08CE704DAA3913A25782A0 5066104 ----a-w- C:\Users\badir_000\Downloads\avast_free_antivirus_setup_online.exe 2016-04-07 16:47:08 C158893FA4A0BE931B11F62A2AA36175 7967432 ----a-w- C:\Users\badir_000\Downloads\TotalSystemCare_Installer(1).exe 2016-04-07 16:40:22 C158893FA4A0BE931B11F62A2AA36175 7967432 ----a-w- C:\Users\badir_000\Downloads\TotalSystemCare_Installer.exe 2016-04-07 16:29:28 97E2938252C2926FE920B6EF7216C8D0 3901072 ----a-w- C:\Users\badir_000\Downloads\WinThruster_2016_Setup.exe 2016-04-07 16:15:29 025FEC219E5A0A792DEDDB9F0DF31A86 1131272 ----a-w- C:\Users\badir_000\Downloads\setup_rr.exe 2016-04-05 20:19:23 5FAA29ABF65BA1E159550B5678881565 129757088 ----a-w- C:\Users\badir_000\Downloads\RazerCortexSetup_7.0.135.11872.exe 2016-03-28 11:16:29 AF11D9CF96135C060BBEF7236659916B 26212216 ----a-w- C:\Users\badir_000\Downloads\Belgium eID-QuickInstaller 4.1.13.exe ====== C: exe-files == 2016-04-09 11:45:34 F85C40988E94C2F463508FBEE94025BF 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\kinit.exe 2016-04-09 11:45:34 F4E94CBB9DEF622171D8943F2160B214 51776 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssvagent.exe 2016-04-09 11:45:34 E2AF676759086BAE2F16D6B5033E7F46 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\policytool.exe 2016-04-09 11:45:34 
D763E321831C859D9195ADF15A951E95 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\java-rmi.exe 2016-04-09 11:45:34 D709404CB67D09946628987244B98A60 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\servertool.exe 2016-04-09 11:45:34 D62B10425DC16A177CB64D6B0356F915 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\jjs.exe 2016-04-09 11:45:34 C558C87F624CF96F812028165190EEDE 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\pack200.exe 2016-04-09 11:45:34 C31F1BDBB1902458FA15515BD0D8340B 191040 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\java.exe 2016-04-09 11:45:34 C1F46A7656D1DED6326D8E28B1CF1862 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\rmiregistry.exe 2016-04-09 11:45:34 AC4F3A4F853070419C9E8479B3868103 16448 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\tnameserv.exe 2016-04-09 11:45:34 AAADCD8DA5BCE8986D6FEC09FAB7B70D 68672 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\javacpl.exe 2016-04-09 11:45:34 A756D5633F6596B0E4711E60D3F61BCA 16448 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\orbd.exe 2016-04-09 11:45:34 A5AECC1529B64CB123B1880D3AD0F1AE 268352 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\javaws.exe 2016-04-09 11:45:34 A48BDE309534612FBA41D58E754A38BE 159296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\unpack200.exe 2016-04-09 11:45:34 8DF0EA1993F98096557A4AFA6235DE4E 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\rmid.exe 2016-04-09 11:45:34 724998551979EB4E0DF53CA3994AF035 77888 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2launcher.exe 2016-04-09 11:45:34 6101EC702C56D5F688AA578AC457A440 30784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\jabswitch.exe 2016-04-09 11:45:34 5192C3656176D1D21D21372E1061D1A4 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\ktab.exe 2016-04-09 11:45:34 4CC7AA4DCC143BB06999A62B8763EA6C 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\keytool.exe 2016-04-09 11:45:34 
2AD9EFBB015490AA315707BAC2BFD816 191552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\javaw.exe 2016-04-09 11:45:34 26E779D9D96192E312E5DC042E993DED 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\bin\klist.exe 2016-04-09 11:44:28 D1EF346FCC831DA86AE64F9CBBBC6DE0 734784 ----a-w- C:\Users\badir_000\Downloads\jxpiinstall.exe 2016-04-09 11:12:51 36B826BEA2BBE7A1A5606F827F2E31E1 1330216 ----a-w- C:\Users\badir_000\AppData\Local\Temp\opera autoupdate\installer.exe 2016-04-08 22:39:48 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Badir.exe 2016-04-08 22:39:01 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\badir_000\Desktop\RSITx64.exe 2016-04-08 17:36:46 C514A8F4AC22AFAFE54B7CA515BBEAE2 386096 ----a-w- C:\Windows\System32\aswBoot.exe 2016-04-08 16:08:01 76ADA19FB074F9AB91D37A10C3D0A143 5920344 ----a-w- C:\Users\badir_000\Downloads\Avast Crack 2016 Till 2050_ Avast Antivirus License Key.exe 2016-04-08 15:27:11 A9C2AE693EA9C53BAF3D03A369A89012 5903688 ----a-r- C:\Users\badir_000\Downloads\Avast! Premier Antivirus [2016] 11.1.2245 Final\avastclear.exe 2016-04-08 15:26:56 7079B8A6DD85565FEC3E6F039942C75E 208098128 ----a-r- C:\Users\Public\Desktop\avast_premier_antivirus_setup.exe 2016-04-08 15:26:56 7079B8A6DD85565FEC3E6F039942C75E 208098128 ----a-r- C:\Users\badir_000\Downloads\Avast! Premier Antivirus [2016] 11.1.2245 Final\avast_premier_antivirus_setup.exe 2016-04-08 13:16:08 D014D9560CD7DB184C01BAE53E766C1A 3480040 ----a-w- C:\Users\badir_000\Downloads\MCPR.exe 2016-04-08 10:51:08 E29E03F59F4FA7CFF645E8C8794BA0B7 184032 ----a-w- C:\Program Files\Common Files\AV\avast! Antivirus\upgrade.exe 2016-04-08 10:51:08 E29E03F59F4FA7CFF645E8C8794BA0B7 184032 ----a-w- C:\Program Files (x86)\Common Files\AV\avast! Antivirus\upgrade.exe 2016-04-08 10:51:08 224EFC8B50E88D79DCEB19D658D5C41B 652816 ----a-w- C:\Program Files\Common Files\AV\avast! 
Antivirus\backup.exe 2016-04-08 10:51:08 224EFC8B50E88D79DCEB19D658D5C41B 652816 ----a-w- C:\Program Files (x86)\Common Files\AV\avast! Antivirus\backup.exe 2016-04-08 10:45:42 AB51109EDB08CE704DAA3913A25782A0 5066104 ----a-w- C:\Users\badir_000\Downloads\avast_free_antivirus_setup_online.exe 2016-04-08 10:43:29 5DB315E7300F28688D1D34CCC80F882F 217768 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\MSOXMLED.EXE 2016-04-08 10:43:26 1ACBEA96AF404136616F989A7CCB503E 559856 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\MSOSQM.EXE 2016-04-08 10:43:24 B7A010697B0EFFE3B966B46158AC9D6D 851736 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\DW20.EXE 2016-04-08 10:43:24 1C7E035C643042A4B9A39902606E1C48 162912 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSOSREC.EXE 2016-04-08 10:43:16 99A1CEF3ED1DD8DB034E5990B6E56795 16064 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Smart Tag\SmartTagInstall.exe 2016-04-08 10:43:07 60EBEB06F21DBEA8CA54F5C3E1431A55 94048 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE 2016-04-08 10:43:06 D7CE91A98302CBFD778D97A6DD18CE6C 7985960 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CMigrate.exe 2016-04-08 10:43:02 35D49BA06039E2CD4A73E54CBC636D57 48840 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\AppSharingHookController64.exe 2016-04-08 10:42:55 B93A4ACCBD65B22746547BB3951EA79C 208968 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\MSOXMLED.EXE 2016-04-08 10:42:54 E05F6EC7087E15B7C6CF638078F30264 5839144 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft 
Shared\OFFICE15\CMigrate.exe 2016-04-08 10:42:47 E1B97CE23930787BAFCAA4410DA83658 9602736 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\PDFREFLOW.EXE 2016-04-08 10:42:42 42AC26B2319CAFD9BD4ED9A971060365 882904 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\protocolhandler.exe 2016-04-08 10:42:36 E94CD6FC12C22C975DAED6AA7ABD1663 7217832 ----a-w- C:\Program Files\Microsoft Office 15\root\Integration\OneDriveSetup.exe 2016-04-08 10:42:36 D0915899EBCA0DEC2E2478D91EEA01A6 483656 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\DWTRIG20.EXE 2016-04-08 10:42:10 D62DD48AC3C2D1C56BCBE8D9AA87179D 87240 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\NAMECONTROLSERVER.EXE 2016-04-08 10:42:10 D5BD92670A5A4D2F00C8B9B3FDBCD44E 238320 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\CLVIEW.EXE 2016-04-08 10:42:10 86476286AE02B377CF581145858AA850 1161504 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe 2016-04-08 10:42:10 584984439892865D0044179B08BDB0EA 508160 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSOUC.EXE 2016-04-08 10:42:09 CC684E12F90DD0302C1B69A6191B921F 50392 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\SETLANG.EXE 2016-04-08 10:42:09 058E8C8B0E10CE7B3C81A50EB9BE2D9F 700064 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSQRY32.EXE 2016-04-08 10:42:08 CC2F6EF5569D02637F24D001C4428E82 21952704 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\excelcnv.exe 2016-04-08 10:42:08 760BCA628083C4970133E462E81C6212 4531456 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\GRAPH.EXE 2016-04-08 10:42:08 3EC69B311B7EC4E42AF0BB11DE0CED04 449216 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE 2016-04-08 10:42:08 3CC08F8A62B4C3F346F0BECEE418EE11 490272 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\SELFCERT.EXE 
2016-04-08 10:42:07 F5C73E8FB7183AD5CD7197BCC3A6B145 526680 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\IEContentService.exe 2016-04-08 10:42:07 36CDF5CBF5F7B3A144E043EA7A41BCEF 163016 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\CNFNOT32.EXE 2016-04-08 10:42:06 324977188D2F257BBBBF5FA141FC6BF3 578912 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ORGCHART.EXE 2016-04-08 10:41:59 0534585DC8C6BC01067086D32EFB038C 537856 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\VPREVIEW.EXE 2016-04-08 10:41:11 C78471F07031A3B6742103AE0B64988D 642328 ----a-w- C:\Program Files\Microsoft Office 15\root\Integration\Integrator.exe 2016-04-08 10:41:08 BF33AB2A68972B6AF64F8E4EBB1278F4 145064 ----a-w- C:\Program Files\Microsoft Office 15\root\client\AppVDllSurrogate64.exe 2016-04-08 10:41:08 27A7CF70BF8092CC80E0476E15EE4D0F 320896 ----a-w- C:\Program Files\Microsoft Office 15\root\client\AppVLP.exe 2016-04-08 10:41:08 1E9B3B467F1449C2FB361E8D59FF5D76 124072 ----a-w- C:\Program Files\Microsoft Office 15\root\client\AppVDllSurrogate32.exe 2016-04-08 10:39:26 5D06345B317347B3E0C152CC7533C0D1 19117768 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE 2016-04-08 10:39:22 C7F9003995AE87FEF4CDE47E6E137B1F 1772744 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ONENOTE.EXE 2016-04-08 10:39:22 89969E9A946B5E15B3E9C6853B5FD61D 195248 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE 2016-04-08 10:39:21 6339D87E3D4AB54C17ECD873688FA9CB 15529160 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSACCESS.EXE 2016-04-08 10:39:02 56B9CA2C9A44BF3090F57CC9456A861E 1932480 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE 2016-04-08 10:39:00 A1057743A38A7B25915FACFB831DDF09 1848392 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\POWERPNT.EXE 2016-04-08 10:38:58 82271138B5F849B0B718BCDB51AE4E46 10766544 ----a-w- C:\Program Files\Microsoft Office 
15\root\office15\MSPUB.EXE
2016-04-08 10:38:56 344D19D095061C65EF2D481C427C62D3 25735872 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE
2016-04-08 10:38:46 88181E7C0993540B0D98718CBF775A0A 999616 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\FIRSTRUN.EXE
2016-04-08 10:38:42 2A82519355D5E648747A6FF32ACC89CD 90280 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\perfboost.exe
2016-04-08 10:38:40 CF972482D2089B927A3565577B8334CE 205480 ----a-w- C:\Program Files\Microsoft Office 15\ClientX64\AppVShNotify.exe
2016-04-08 10:38:40 85112B8619D65474F7F0F259A0A32CC4 249000 ----a-w- C:\Program Files\Microsoft Office 15\ClientX64\mavinject32.exe
2016-04-07 16:47:08 C158893FA4A0BE931B11F62A2AA36175 7967432 ----a-w- C:\Users\badir_000\Downloads\TotalSystemCare_Installer(1).exe
2016-04-07 16:40:22 C158893FA4A0BE931B11F62A2AA36175 7967432 ----a-w- C:\Users\badir_000\Downloads\TotalSystemCare_Installer.exe
2016-04-07 16:29:28 97E2938252C2926FE920B6EF7216C8D0 3901072 ----a-w- C:\Users\badir_000\Downloads\WinThruster_2016_Setup.exe
2016-04-07 16:15:29 025FEC219E5A0A792DEDDB9F0DF31A86 1131272 ----a-w- C:\Users\badir_000\Downloads\setup_rr.exe
2016-04-07 15:53:58 C06DA85C980F9F815D202FEA28EE353E 1536000 ----a-w- C:\Users\badir_000\AppData\Local\Packages\E046963F.LenovoCompanion_k1h2ywk1493x8\AC\Microsoft\CLR_v4.0_32\NativeImages\Lenovo.Discovery\84cb6e13fb78d82ec989d0c4edbd163c\Lenovo.Discovery.ni.exe
2016-04-06 22:37:34 4CF4F6CF12A38A749763392F2A975B18 7693416 ----a-w- C:\Users\badir_000\AppData\Local\NVIDIA\NvBackend\Packages\0000892f\DAO.20618277.exe
2016-04-06 10:39:24 D5A8CC2B58D605569C717EE34C46687A 686520 ----a-w- C:\Users\badir_000\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
2016-04-06 10:39:20 A5318E9E4C0D460AD0F480ECC77B909D 254904 ----a-w- C:\Users\badir_000\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe
2016-04-05 20:30:46 F0F988AB291B8BBEC691A04E9ACFA7F0 273680 ------w- C:\Users\badir_000\AppData\Local\Razer\InGameEngine\cache\RzFpsApplet\rzcefrenderprocess.exe
2016-04-05 20:25:09 690264BE268ACDF07259123A9AB2856B 17600 ----a-w- C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe
2016-04-05 20:19:23 5FAA29ABF65BA1E159550B5678881565 129757088 ----a-w- C:\Users\badir_000\Downloads\RazerCortexSetup_7.0.135.11872.exe
2016-04-03 07:51:14 6CCD880C9AA5D8BC0C8987688BBBD047 620968 ----a-w- C:\Users\sabri_000\AppData\Local\NVIDIA\NvBackend\Packages\00008909\CoProc update.20603267.exe
2016-04-03 07:51:14 68FDD236090242445FEFD7C84037A00F 7641432 ----a-w- C:\Users\sabri_000\AppData\Local\NVIDIA\NvBackend\Packages\00008900\DAO.20602316.exe

=== C: other files ==
2016-04-09 11:45:34 4EDC09D3151E434741F50E8F7210D162 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\lib\deploy\ffjcext.zip
2016-04-08 17:36:57 E46B51C99BB750A81AC6A68362475A5C 65224 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2016-04-08 17:36:57 D9079E1A1C2A1F8ED5F37AF8E6CD3161 155304 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2016-04-08 17:36:57 7BC1F2FC2A9D79E1EBBBF6D69AC3BA1F 28656 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2016-04-08 17:36:57 68E76C1675AC171A84F5B7230652E19D 97648 ----a-w- C:\Windows\System32\drivers\aswmonflt.sys
2016-04-08 17:36:57 619CA9F210F0F36F8162E5B7BFDDA5CD 464256 ----a-w- C:\Windows\System32\drivers\aswsp.sys
2016-04-08 17:36:57 42AE0F2BF37CE46EB01A753F96FCC9B8 28144 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2016-04-08 17:36:57 3BEC32A0B646D914921FD56AA39998C1 273784 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2016-04-08 17:36:57 2D6B49A071216796106E7804AB2BA7DC 93528 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2016-04-08 17:36:57 01487B49CC9289D7A1DADAD6A9A2C02F 1065720 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
2016-04-08 17:36:22 E017E15F8EFD7675976743A8FBECCEBB 466400 ----a-w- C:\Windows\System32\drivers\aswNdisFlt.sys
2016-04-05 20:30:34 48932508C9E6F2285803252D5A225C0C 544 ----a-w- C:\Program Files (x86)\Razer\Razer Cortex\RazerCortexInfo.bat
2016-04-04 20:39:31 4D3DCDD3AB114AFFAFE36014A0299523 36853 ----a-w- C:\Users\badir_000\Downloads\keyscan09.zip

==== Orphaned Tasks deleted from Registry ======================
avast Emergency Update deleted

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-3300143506-2763790894-2804036282-1005\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="C:\Users\badir_000\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"uTorrent"="C:\Users\badir_000\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"Dropbox Update"="C:\Users\badir_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c"
"ManyCam"="C:\Program Files (x86)\ManyCam\ManyCam.exe --silent"
"CyberGhost"="C:\Program Files\CyberGhost 5\CyberGhost.exe /autostart /min"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"331BigDog"="C:\Program Files (x86)\USB Camera\VM331STI.EXE"
"YouCam Mirage"="C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"YouCam Tray"="C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe /s"
"UpdateP2GShortCut"="C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\Lenovo\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\5.0"
"RemoteControl10"="C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
"Intel AppUp(SM) center"="C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4"
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE -startup"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"BlueStacks Agent"="C:\Program Files (x86)\BlueStacks\HD-Agent.exe"
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"RazerCortex"="C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe -autorun"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="C:\Users\badir_000\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"uTorrent"="C:\Users\badir_000\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"Dropbox Update"="C:\Users\badir_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c"
"ManyCam"="C:\Program Files (x86)\ManyCam\ManyCam.exe --silent"
"CyberGhost"="C:\Program Files\CyberGhost 5\CyberGhost.exe /autostart /min"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\WINDOWS\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\windows\system32\igfxtray.exe"
"SmartAudio"="C:\Program Files\CONEXANT\SAII\SACpl.exe /t"
"cAudioFilterAgent"="C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe"
"BtPreLoad"="C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\WINDOWS\\system32\\nvinitx.dll"

==== Startup Registry Disabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\EventLog]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\McComponentHostService]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TuneUp.UtilitiesSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Wecsvc]

==== Startup Folders ======================
2014-11-24 18:52:47 1208 ----a-w- C:\Users\badir_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2015-08-18 22:15:45 1337 ----a-w- C:\Users\badir_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
2013-05-25 18:27:04 1120 ----a-w- C:\Users\rahma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk

==== Task Scheduler Jobs ======================
C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe [08/04/2016 23:29]
C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [08/04/2016 23:29]
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-3300143506-2763790894-2804036282-1005Core.job --a-------- C:\Users\badir_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe [19/06/2015 01:13]
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-3300143506-2763790894-2804036282-1005UA.job --a-------- C:\Users\badir_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe [19/06/2015 01:13]
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3300143506-2763790894-2804036282-1005Core.job --a-------- C:\Users\badir_000\AppData\Local\Facebook\Update\FacebookUpdate.exe [11/11/2013 22:58]
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3300143506-2763790894-2804036282-1005UA.job --a-------- C:\Users\badir_000\AppData\Local\Facebook\Update\FacebookUpdate.exe [11/11/2013 22:58]

==== Other Scheduled Tasks ======================
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player PPAPI Notifier" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-3300143506-2763790894-2804036282-1005Core" [C:\Users\badir_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-3300143506-2763790894-2804036282-1005UA" [C:\Users\badir_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\WINDOWS\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3300143506-2763790894-2804036282-1005Core" [C:\Users\badir_000\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\WINDOWS\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3300143506-2763790894-2804036282-1005UA" [C:\Users\badir_000\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\WINDOWS\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]
"C:\WINDOWS\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe]
"C:\WINDOWS\SysNative\tasks\Opera scheduled Autoupdate 1388573795" [C:\Users\badir_000\AppData\Local\Programs\Opera\launcher.exe]
"C:\WINDOWS\SysNative\tasks\SafeZone scheduled Autoupdate 1460137075" [C:\Program Files\AVAST Software\SZBrowser\launcher.exe]
"C:\WINDOWS\SysNative\tasks\SpyHunter4Startup" ["C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe"]
"C:\WINDOWS\SysNative\tasks\TunnelBear" [C:\Program Files (x86)\TunnelBear\TunnelBear.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{280BA869-3D11-4065-996B-EDB9C8282B07}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{855CFC05-3AA5-4CC6-8564-B15A4FF1CF67}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{EAF410EB-D37D-4921-B0D7-F322B4662EAF}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\AVAST Software\Avast settings backup" [C:\Program Files\Common Files\AV\avast Antivirus\backup.exe]
"C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program" ["%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"]
"C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Solution Center Launcher" [%programfiles%\lenovo\lenovo solution center\lsc.exe -updatestatus]
"C:\WINDOWS\SysNative\tasks\Lenovo\LSC\LSCHardwareScan" ["C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan]
"C:\WINDOWS\SysNative\tasks\Lenovo\LSC\RebootCountTask" ["C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -rebootcount]
"C:\WINDOWS\SysNative\tasks\Lenovo\LSC\Time72Task" ["C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -canupdate]

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [08/04/2016 19:36]

==== Firefox Extensions ======================
ProfilePath: C:\Users\BADIR_~1\AppData\Roaming\Mozilla\Firefox\Profiles\oc1786o6.default-1440065958961
- Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi

==== Firefox Plugins ======================
Profilepath: C:\Users\badir_000\AppData\Roaming\Mozilla\Firefox\Profiles\oc1786o6.default-1440065958961
18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013
0E8B2D0D9E3415A91EF259CE1112C579 - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1210150.dll - Shockwave for Director / Shockwave for Director
684F2DF31062413E094280891DCB6EE1 - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1219160.dll - Shockwave for Director / Shockwave for Director
57C7E359ED8D049132EED23EFA444C63 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll - Shockwave Flash
3CD19649B2C3023D65E67C056457A2BC - C:\Users\badir_000\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin

==== Chromium Look ======================
Google Chrome Version: 46.0.2471.2
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[08/04/2016 19:36]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[08/01/2016 11:47]
Google Slides - badir_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - badir_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - badir_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - badir_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - badir_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
https //mynamedomain.koko/00 - badir_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo
Google Sheets - badir_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
https //mynamedomain.koko/00 - badir_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
https //mynamedomain.koko/00 - badir_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
https //mynamedomain.koko/00 - badir_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhjgdbihpkphlammdaeicdemggagfbdo
Chrome Web Store Payments - badir_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - badir_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Docs - rahma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - rahma\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - rahma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - rahma\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - rahma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - rahma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
YouTube - sabri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - sabri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
http //mynamedomain.koko/00 - sabri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\djolekdiiojehgfggcjckachfgkkdmjd
Google Wallet - sabri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
http //mynamedomain.koko/00 - sabri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfglnpdpgmecffbejlfgpnebopinlclj
Gmail - sabri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================
C:\Users\rahma\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://start.qone8.com/?type=hp&ts=1382712298&from=amt&uid=ST1000LM024XHN-M101MBB_S2U5J9GD115562",

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{2F83D103-44C8-45D3-A002-3D169161A43B} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
HKLM\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2} - http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{2F83D103-44C8-45D3-A002-3D169161A43B} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
HKLM\Wow6432Node\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2} - http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
HKCU\SearchScopes "DefaultScope"="{2F83D103-44C8-45D3-A002-3D169161A43B}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{2F83D103-44C8-45D3-A002-3D169161A43B} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2} - No_Url_Value

==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000

==== HijackThis Entries ======================
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331STI.EXE
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RazerCortex] C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe -autorun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\badir_000\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\badir_000\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\badir_000\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [ManyCam] "C:\Program Files (x86)\ManyCam\ManyCam.exe" --silent
O4 - HKCU\..\Run: [CyberGhost] "C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min
O4 - Startup: Dropbox.lnk = badir_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{6861107A-09FB-49D2-95F0-66F1DE3E3FCB}: NameServer = 95.169.183.219,89.41.60.38
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Emsisoft Anti-Malware 8.0 - Service (a2AntiMalware) - Emsisoft Ltd - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: CyberGhost 5 Client Service (CGVPNCliService) - CyberGhost S.R.L - C:\Program Files\CyberGhost 5\Service.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Conexant Audio Message Service (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\windows\SysWOW64\NLSSRV32.EXE
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Unknown owner - C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\badir_000\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\badir_000\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Users\sabri_000\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\sabri_000\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\badir_000\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\badir_000\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Users\sabri_000\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\sabri_000\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================
C:\Users\badir_000\AppData\Local\Mozilla\Firefox\Profiles\oc1786o6.default-1440065958961\cache2 emptied successfully
C:\Users\badir_000\AppData\Roaming\Mozilla\Firefox\Profiles\oc1786o6.default-1440065958961\storage\default\https+++www.pinterest.com\cache emptied successfully
C:\Users\rahma\AppData\Local\Mozilla\Firefox\Profiles\0wj4a1xy.default\Cache emptied successfully
C:\Users\rahma\AppData\Local\Mozilla\Firefox\Profiles\0wj4a1xy.default\cache2 emptied successfully

==== Empty Chrome Cache ======================
C:\Users\badir_000\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\badir_000\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\rahma\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\sabri_000\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=2606 folders=414 517699194 bytes)

==== Empty Temp Folders ======================
C:\Users\badir_000\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\rahma\AppData\Local\Temp emptied successfully
C:\Users\sabri_000\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\BADIR_~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on za 09/04/2016 at 15:00:40,44 ======================