Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by Beast on wo 02/11/2016 at 11:43:04,57.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Safe Mode NETWORK Internet Access Detected
Launched: C:\Users\Beast\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2016-11-02-094903.log 20038 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

µTorrent
7-Zip 16.02 (x64 edition)
Adobe Flash Player 23 NPAPI
Ansel
ANT Drivers Installer x64
Auslogics DiskDefrag
Avast Free Antivirus
Canon Utilities Digital Photo Professional 3.3
Canon Utilities EOS Utility
CCleaner
D3DX10
DAEMON Tools Lite
Elevated Installer
Foxit Reader
Garmin Express
Garmin Express Tray
Google Chrome
Google Update Helper
Gramblr
Grand Theft Auto V
HD Tune 2.55
HWiNFO64 Version 4.26
Intel(R) Driver Update Utility 2.6
Intel(R) Management Engine Components
Intel(R) Network Connections 18.0.1.0
Intel(R) Processor Graphics
Intel(R) Product Improvement Program
Intel(R) USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
K-Lite Codec Pack 10.2.0 Full
Kodi
Logitech Gaming Software
Logitech Gaming Software 5.10
Logitech Gaming Software 8.78
Malwarebytes Anti-Malware versie 2.2.1.1043
Microsoft .NET Framework 4.6.1
Microsoft .NET Framework 4.6.1 (Nederlands)
Microsoft .NET Framework 4.6.1 (NLD)
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 4 Runtime
Microsoft Office Excel Viewer
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
MiniLyrics
MOUSE Editor
Mouse Editor
Movie Maker
Mozilla Firefox 49.0.1 (x86 nl)
Mozilla Maintenance Service
MSVCRT
MSVCRT110
MSVCRT110_amd64
MusicBee 2.3
NetSpeedMonitor 2.5.4.0 x64
NVIDIA-configuratiescherm 368.81
NVIDIA 3D Vision controllerstuurprogramma 364.44
NVIDIA Backend
NVIDIA Container
NVIDIA Elevated User Container
NVIDIA GeForce Experience 3.0.7.34
NVIDIA Grafisch stuurprogramma 368.81
NVIDIA HD Audio-stuurprogramma 1.3.34.15
NVIDIA Install Application
NVIDIA LocalSystem Container
NVIDIA Message Bus for NvContainer
NVIDIA NetworkService Container
NVIDIA PhysX Systeem Software 9.16.0318
NVIDIA ShadowPlay 2.13.0.21
Nvidia Share
NVIDIA Update 2.13.0.21
NVIDIA Update Core
NVIDIA User Container
NVIDIA Virtual Audio 1.2.41
NVIDIA Watchdog Plugin for NvContainer
NVIDIA Wireless Controller Service
NvNodejs
NvTelemetry
OpenAL
Photo Common
Photo Gallery
Realtek High Definition Audio Driver
Reliability Update for Microsoft .NET Framework 4.6.1 (KB3179949)
Revo Uninstaller 2.0.1
Rockstar Games Social Club
SafeZone Stable 1.51.2220.62
Secunia PSI (3.0.0.10004)
Security Update for Microsoft .NET Framework 4.6.1 (KB3122661)
Security Update for Microsoft .NET Framework 4.6.1 (KB3127233)
Security Update for Microsoft .NET Framework 4.6.1 (KB3136000)
Security Update for Microsoft .NET Framework 4.6.1 (KB3136000v2)
Security Update for Microsoft .NET Framework 4.6.1 (KB3142037)
Security Update for Microsoft .NET Framework 4.6.1 (KB3143693)
Security Update for Microsoft .NET Framework 4.6.1 (KB3164025)
SHIELD Streaming
SHIELD Wireless Controller Driver
Sony Mobile Update Engine
Sony PC Companion 2.10.303
SoulseekQt
Speccy
SpywareBlaster 5.5
SSDlife Free
Steam
Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)
Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1)
SUPERAntiSpyware
TreeSize Free V3.4.5
Undertale
Unlocker 1.9.2
VC_CRT_x64
VLC media player
Vulkan Run Time Libraries 1.0.11.1
Vulkan Run Time Libraries 1.0.3.0
WhoCrashed 5.03
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinRAR 5.00 (64-bit)

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2016-10-07 07:15:43 12EBDA58437CD1EA7066FCB6455241D2 53208 ----a-w- C:\Windows\avastSS.scr

====== C:\Users\Beast\AppData\Local\Temp ====
2016-10-20 17:26:11 B0924D83128E730F278B4B05316FF89A 772672 ----a-w- C:\Users\Beast\AppData\Local\Temp\sqlite3.dll
2016-10-20 17:26:11 1F5F004AA46F9B9B18952792B46BB7B1 2458672 ----a-w- C:\Users\Beast\AppData\Local\Temp\libeay32.dll
2016-10-20 17:26:11 034CCADC1C073E4216E9466B720F9849 970912 ----a-w- C:\Users\Beast\AppData\Local\Temp\msvcr120.dll

====== Java Cache =====

====== C:\Windows\SysWOW64 =====
2016-10-25 12:59:01 F7710C0968CDB9E4CAA7653ACB171CE0 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll
2016-10-25 12:59:01 7D64E699ED2153099A27681C50FF6286 497152 ----a-w- C:\Windows\SysWOW64\win32spl.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====
2016-11-01 17:20:59 3461BB433684FEAB27BCA6E7178D41AC 267912 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT
2016-10-25 12:59:01 A661B5183C88B8E6F8F54973D26BFE91 41984 ----a-w- C:\Windows\Sysnative\UtcResources.dll
2016-10-25 12:59:01 7AED4A1659AAA0EC8F4C7AE58B8C560A 756736 ----a-w- C:\Windows\Sysnative\win32spl.dll
2016-10-25 12:59:01 6F2FBD68F7B475C879F79AF58786A26C 2048 ----a-w- C:\Windows\Sysnative\tzres.dll
2016-10-25 12:58:58 EE9954237F15BE4DD9304D12E4D305ED 1386496 ----a-w- C:\Windows\Sysnative\diagtrack.dll

====== C:\Windows\Sysnative\drivers =====
2016-10-12 15:46:19 CF11CC2B73D5155533C67354F9188E09 95464 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys
2016-10-12 15:46:19 9B38580063D281A99E68EF5813022A5F 106496 ----a-w- C:\Windows\Sysnative\drivers\dfsc.sys
2016-10-12 15:46:19 98DB1790F0A584E0A2528B92B052417F 142336 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys
2016-10-12 15:46:19 2E56D51B184EFB8E353B7AF446299DC8 154856 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
2016-10-12 15:46:18 FCA01B0C70DAE9BE557577E719469D17 159744 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys
2016-10-12 15:46:18 8B73FEE96B60EE597CBCAA735A842A36 62464 ----a-w- C:\Windows\Sysnative\drivers\appid.sys
2016-10-12 15:46:18 841474CF2EB14F826038FBCC7D85B857 129536 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys
2016-10-12 15:46:18 386BE96797C5B480AD31E8B50CEE337C 291328 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====
2016-11-01 13:48:04 -------- d-----w- C:\Program Files\Gramblr

======= C:\PROGRA~2 =====
2016-10-23 19:57:34 -------- d-----w- C:\PROGRA~2\MiniLyrics

======= C: =====
2016-11-01 10:01:21 B8E0F17848334EC2B49C6C9FB5AE9606 1728 ----a-w- C:\DelFix.txt

====== C:\Users\Beast\AppData\Roaming ======
2016-11-01 18:50:32 -------- d-----w- C:\Users\Beast\AppData\Local\UNDERTALE
2016-11-01 14:03:16 F71211B6AA933CE90C9C9715DA658025 139056 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat
2016-11-01 11:00:35 9469FEEDF3D01A3CB16D64832D10A4E8 58016 ----a-w- C:\Users\Beast\AppData\Local\GDIPFONTCACHEV1.DAT
2016-10-30 17:22:20 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2016-10-30 17:22:20 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2016-10-30 17:22:20 -------- d-----w- C:\Users\Default\AppData\Local\Temp
2016-10-30 17:22:20 -------- d-----w- C:\Users\Default User\AppData\Local\Temp
2016-10-30 17:22:20 -------- d-----w- C:\Users\Beast\AppData\Local\Temp
2016-10-26 20:52:17 -------- d-----w- C:\Users\Beast\AppData\Local\Sony
2016-10-23 19:57:37 -------- d-----w- C:\Users\Beast\AppData\Roaming\MiniLyrics
2016-10-15 09:58:40 -------- d-----w- C:\Users\Beast\AppData\Locallow\SUPERHOT_Team
2016-10-15 09:58:39 -------- d-----w- C:\Users\Beast\AppData\Local\SUPERHOT_Sp_z_o.o
2016-10-04 17:23:34 -------- d-----w- C:\Users\Beast\AppData\Locallow\Playdead

====== C:\Users\Beast ======
2016-11-01 13:48:03 -------- d-----w- C:\ProgramData\Gramblr
2016-11-01 13:47:33 EDDDA319CE6984B8D69A43067C73BA70 10133072 ----a-w- C:\Users\Beast\Desktop\gramblr.exe
2016-10-27 11:39:58 -------- d-----w- C:\ProgramData\RELOADED
2016-10-26 11:47:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-10-23 19:57:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniLyrics

====== C: exe-files ==
2016-11-01 18:12:29 93D87952773A2BB59A8667D0BC06C2C0 3811840 ----a-w- C:\Users\Beast\Downloads\Undertale\UNDERTALE.exe
2016-11-01 18:12:21 A348289EF079798DC7D48FAAD4A64B87 1327184 ----a-w- C:\Users\Beast\Downloads\Undertale\unins000.exe
2016-11-01 13:48:14 68A57EAE4FFBBB97DD7B926E6EDCC654 12395520 ----a-w- C:\ProgramData\Gramblr\convert.exe
2016-11-01 13:48:04 EDDDA319CE6984B8D69A43067C73BA70 10133072 ----a-w- C:\ProgramData\Gramblr\backup\gramblr.exe
2016-11-01 13:48:04 B43E5C48DF8BDAF2881EFB7CA8D52B2D 10220624 ----a-w- C:\Program Files\Gramblr\gramblr.exe
2016-11-01 13:47:33 EDDDA319CE6984B8D69A43067C73BA70 10133072 ----a-w- C:\Users\Beast\Desktop\gramblr.exe
2016-11-01 11:16:24 ADCDEE9619BB028FB0C867D827018EED 9266792 ----a-w- C:\Users\Beast\AppData\Local\NVIDIA\NvBackend\Packages\00009630\DAO.21321898.exe
2016-11-01 10:07:12 1B7D6D3CB13A17F14E49CF75BF2BEBDA 346512 ----a-w- C:\Users\Beast\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
2016-11-01 10:07:10 AD50E11F7BD942EECBA5CEA3C1B34C03 403856 ----a-w- C:\Users\Beast\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe
2016-10-27 14:22:42 BFDE72F81CC53184D5932B60E1C94AF0 2205688 ----a-w- C:\Users\Beast\AppData\Local\Google\Chrome\User Data\SwReporter\12.77.0\software_reporter_tool.exe
2016-10-26 11:47:34 D792D26EDC3AB4301F21EF8EB4DAEB93 1349871 ----a-w- C:\Program Files\VS Revo Group\Revo Uninstaller\unins000.exe

=== C: other files ==
2016-11-02 09:49:07 B27916DB5C67310785DC029266E460CD 4854 ----a-w- C:\Users\Beast\AppData\Local\Temp\xpi\tmp.zip
2016-11-01 13:48:23 0AF156A3F6CAE14DD7AFA1F7B2E0A2DD 285 ----a-w- C:\ProgramData\Gramblr\restart.vbs
2016-11-01 13:48:06 F673433BA1FBF7FB138F6DF2C4024AF7 307 ----a-w- C:\ProgramData\Gramblr\chrome.vbs
2016-10-31 12:01:15 281DC7FDA17CDE5A35F0FA62195FA7D0 18602 ----a-w- C:\Users\Beast\AppData\Roaming\Kodi\addons\packages\script.module.addon.signals-0.0.1.zip
2016-10-31 12:01:13 5D3EB28635C0CF0EE68D85391052532A 628370 ----a-w- C:\Users\Beast\AppData\Roaming\Kodi\addons\packages\script.web.viewer-0.9.21.zip
2016-10-31 12:01:13 17668AA0AC1C374B12EBF033AA591971 1461272 ----a-w- C:\Users\Beast\AppData\Roaming\Kodi\addons\packages\script.module.youtube.dl-16.1026.0.zip
2016-10-30 23:18:36 9E879F40AF2289301FE49649819D5A5B 968663 ----a-w- C:\Users\Beast\AppData\Roaming\Kodi\addons\packages\plugin.video.exodus-2.0.17.zip
2016-10-30 20:23:55 C263542412912B438DEAC50D776DE564 968651 ----a-w- C:\Users\Beast\AppData\Roaming\Kodi\addons\packages\plugin.video.exodus-2.0.15.zip
2016-10-29 22:26:19 FFB83A23482E7BDCBF6734D7D8B3B87E 968185 ----a-w- C:\Users\Beast\AppData\Roaming\Kodi\addons\packages\plugin.video.exodus-2.0.14.zip
2016-10-27 22:15:20 05B9932D3A15D73B074888818520DAA0 916742 ----a-w- C:\Users\Beast\AppData\Roaming\Kodi\addons\packages\script.module.urlresolver-3.0.23.zip
2016-10-26 22:53:02 1577DBEFB2759C2B18CD4CC44D78424E 968164 ----a-w- C:\Users\Beast\AppData\Roaming\Kodi\addons\packages\plugin.video.exodus-2.0.13.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3473739808-715647190-2127078386-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Start WingMan Profiler"="C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui"
"Launch LCore"="C:\Program Files\Logitech Gaming Software\LCore.exe /minimized"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ConduitFloatingPlugin_lcnnhcneegeeojhgpfijnlnocjdmlaon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ConduitFloatingPlugin_lcnnhcneegeeojhgpfijnlnocjdmlaon"
"hkey"="HKCU"
"command"="\"C:\\Windows\\SysWOW64\\Rundll32.exe\" \"C:\\Users\\Beast\\AppData\\Roaming\\ValueApps\\CH\\TBVerifier.dll\",RunConduitFloatingPlugin lcnnhcneegeeojhgpfijnlnocjdmlaon"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DAEMON Tools Lite"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GarminExpressTrayApp]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GarminExpressTrayApp"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Garmin\\Express Tray\\ExpressTray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OscarEditor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="OscarEditor"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\MOUSE Editor\\MouseEditor.exe\" Minimum"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29/03/2016 19:18]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29/03/2016 19:18]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\Driver Booster SkipUAC (Beast)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe]
"C:\Windows\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe]
"C:\Windows\SysNative\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe]
"C:\Windows\SysNative\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe]
"C:\Windows\SysNative\tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe]
"C:\Windows\SysNative\tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe]
"C:\Windows\SysNative\tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe]
"C:\Windows\SysNative\tasks\SafeZone scheduled Autoupdate 1458748759" [C:\Program Files\AVAST Software\SZBrowser\launcher.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\USER_ESRV_SVC_WILLAMETTE" ["C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"]
"C:\Windows\SysNative\tasks\AVAST Software\Avast settings backup" [C:\Program Files\Common Files\AV\avast Antivirus\backup.exe]
"C:\Windows\SysNative\tasks\Intel\Intel Telemetry 2" [C:\Program Files\Intel\Telemetry 2.0\lrio.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Beast\AppData\Roaming\Mozilla\Firefox\Profiles\6d2ypipm.default
user_pref("browser.startup.homepage", "www.google.be");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [07/10/2016 08:15]

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [07/10/2016 08:15]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Beast\AppData\Roaming\Mozilla\Firefox\Profiles\6d2ypipm.default
- HTTPS-Everywhere - %ProfilePath%\extensions\https-everywhere-eff@eff.org
- Disconnect - %ProfilePath%\extensions\2.0@disconnect.me.xpi
- YouTube Control Center - %ProfilePath%\extensions\jid1-CikLKKPVkw6ipw@jetpack.xpi
- Undo Closed Tabs Button - %ProfilePath%\extensions\undoclosedtabsbutton@supernova00.biz.xpi
- SmoothWheel AMO - %ProfilePath%\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi
- Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== After Reboot ======================

==== EOF on wo 02/11/2016 at 11:46:48,41 ======================