Zoek.exe v5.0.0.1 Updated 19-September-2016 Tool run by Beast on wo 23/11/2016 at 17:41:47,28. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Beast\Desktop\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2016-11-02-094903.log 20038 bytes C:\zoek-results2016-11-02-104648.log 21133 bytes C:\zoek-results2016-11-02-124434.log 9651 bytes C:\zoek-results2016-11-03-094922.log 31138 bytes C:\zoek-results2016-11-03-121954.log 8279 bytes ==== Installed Programs ====================== æTorrent 7-Zip 16.04 (x64 edition) Adobe Flash Player 23 NPAPI Ansel ANT Drivers Installer x64 Auslogics DiskDefrag Avast Free Antivirus Canon Utilities Digital Photo Professional 3.3 Canon Utilities EOS Utility CCleaner D3DX10 DAEMON Tools Lite Elevated Installer FEZ version 1.11 Foxit Reader Garmin Express Garmin Express Tray Google Chrome Google Update Helper Gramblr Grand Theft Auto V HD Tune 2.55 HWiNFO64 Version 4.26 Intel(R) Driver Update Utility 2.6 Intel(R) Management Engine Components Intel(R) Network Connections 18.0.1.0 Intel(R) Processor Graphics Intel(R) Product Improvement Program Intel(R) USB 3.0 eXtensible Host Controller Driver Intel© Trusted Connect Service Client K-Lite Codec Pack 10.2.0 Full Kodi Logitech Gaming Software Logitech Gaming Software 5.10 Logitech Gaming Software 8.78 Malwarebytes Anti-Malware versie 2.2.1.1043 Microsoft .NET Framework 4.6.1 Microsoft .NET Framework 4.6.1 (Nederlands) Microsoft .NET Framework 4.6.1 (NLD) Microsoft Application Error Reporting Microsoft ASP.NET MVC 4 Runtime Microsoft Office Excel Viewer Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 MiniLyrics Mouse Editor MOUSE Editor Movie Maker Mozilla Firefox 49.0.2 (x86 nl) Mozilla Maintenance Service MSVCRT MSVCRT110 MSVCRT110_amd64 MusicBee 2.3 NetSpeedMonitor 2.5.4.0 x64 NVIDIA-configuratiescherm 368.81 NVIDIA 3D Vision controllerstuurprogramma 364.44 NVIDIA Backend NVIDIA Container NVIDIA Elevated User Container NVIDIA GeForce Experience 3.0.7.34 NVIDIA Grafisch stuurprogramma 368.81 NVIDIA HD Audio-stuurprogramma 1.3.34.15 NVIDIA Install Application NVIDIA LocalSystem Container NVIDIA Message Bus for NvContainer NVIDIA NetworkService Container NVIDIA PhysX Systeem Software 9.16.0318 NVIDIA ShadowPlay 2.13.0.21 Nvidia Share NVIDIA Update 2.13.0.21 NVIDIA Update Core NVIDIA User Container NVIDIA Virtual Audio 1.2.41 NVIDIA Watchdog Plugin for NvContainer NVIDIA Wireless Controller Service NvNodejs NvTelemetry OpenAL Photo Common Photo Gallery Realtek High Definition Audio Driver Reliability Update for Microsoft .NET Framework 4.6.1 (KB3179949) Revo Uninstaller 2.0.1 Rockstar Games Social Club SafeZone Stable 1.51.2220.62 Secunia PSI (3.0.0.10004) Security Update for Microsoft .NET Framework 4.6.1 (KB3122661) Security Update for Microsoft .NET Framework 4.6.1 (KB3127233) Security Update for Microsoft .NET Framework 4.6.1 (KB3136000) Security Update for Microsoft .NET Framework 4.6.1 (KB3136000v2) Security Update for Microsoft .NET Framework 4.6.1 (KB3142037) Security Update for Microsoft .NET Framework 4.6.1 (KB3143693) Security Update for Microsoft .NET Framework 4.6.1 (KB3164025) SHIELD Streaming SHIELD Wireless Controller Driver Sony Mobile Update Engine Sony PC Companion 2.10.303 SoulseekQt Speccy SpywareBlaster 5.5 SSDlife Free Steam Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) SUPERAntiSpyware TreeSize Free V3.4.5 Unlocker 1.9.2 VC_CRT_x64 VLC media player Vulkan Run Time Libraries 1.0.11.1 Vulkan Run Time Libraries 1.0.3.0 WhoCrashed 5.03 Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack WinRAR 5.00 (64-bit) Xperia Companion-service Xperia Companion ==== Running Processes ====================== C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Program Files (x86)\Secunia\PSI\sua.exe C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files\AVAST Software\Avast\avastui.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Beast\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==== System Specs ====================== Windows: Windows 7 Professional Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 8082 MB CPU Info: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz CPU Speed: 3390,0 MHz Sound Card: Luidsprekers (Realtek High Defi | SAMSUNG-4 (NVIDIA High Definiti | Realtek Digital Output(Optical) | Realtek Digital Output (Realtek | Display Adapters: NVIDIA GeForce GTX 770 | NVIDIA GeForce GTX 770 | NVIDIA GeForce GTX 770 | NVIDIA GeForce GTX 770 | Intel(R) HD Graphics 4600 | Intel(R) HD Graphics 4600 | Intel(R) HD Graphics 4600 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Dell U2312HM DVI | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Intel(R) Ethernet Connection I217-V CD / DVD Drives: 2x (D: | G: | ) D: TSSTcorpCDDVDW SH-224DB | G: DTSOFT BDROM Ports: COM1 LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 223,5GB | E: 1863,0GB | F: 1863,0GB Hard Disks - Free: C: 52,5GB | E: 17,4GB | F: 3,3GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 05/16/13 | ALASKA - 1072009 Time Zone: Romance (standaardtijd) Motherboard *: Gigabyte Technology Co., Ltd. Z87X-D3H-CF Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== AV: Avast Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Avast Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} Default Browser: Google Chrome 54.0.2840.99 Internet Explorer Version: 11.0.9600.18524 Mozilla Firefox version: 49.0.2 (x86 nl) Google Chrome version: 54.0.2840.99 Flash Player version: 23.0.0.207 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Beast\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2016-11-09 17:00:21 CF67F56D3D87BB166E7C758BA72EF9B3 20304896 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2016-11-09 17:00:21 9263229A4663D0D59B9752D5EE12B35A 13654016 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2016-11-09 17:00:21 44F1DBF504F90BA317207151D78E1345 4608000 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2016-11-09 17:00:20 F1FBB48FE52C96E6FD0F3EBDF1C124C2 261120 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2016-11-09 17:00:20 E56CD79BCE4382B62D36842481FC0C71 1314112 ----a-w- C:\Windows\SysWOW64\ntdll.dll 2016-11-09 17:00:20 E445E3C13FA123149122D9E5C7CC49C2 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2016-11-09 17:00:20 B28D24BE79655AA49DE182B2B425D7D2 2055680 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2016-11-09 17:00:20 78C2B9F66D4242AA9CC0A8693E2001F9 2291712 ----a-w- C:\Windows\SysWOW64\MSVidCtl.dll 2016-11-09 17:00:20 75ED258371A0A40705B68B0EA8357A46 187392 ----a-w- C:\Windows\SysWOW64\UIAnimation.dll 2016-11-09 17:00:20 3BAB11E3100E91D322BB2968E4288721 4000488 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2016-11-09 17:00:20 27AB472295602A88D28E21B69CBC241D 1312256 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2016-11-09 17:00:20 19465502D25C5B7D54B792E3695C2A90 2444800 ----a-w- C:\Windows\SysWOW64\wininet.dll 2016-11-09 17:00:20 1741BDC6EF1DC754517D9861BFC4AB43 2287616 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2016-11-09 17:00:20 04B9CB2F81994A2E3A32DCC3E297C647 3944680 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2016-11-09 17:00:19 FFE8DC32786ED2CFF21AB907A51B332D 126976 ----a-w- C:\Windows\SysWOW64\tintlgnt.ime 2016-11-09 17:00:19 DFA4FC62E591AFE142B21D11DE145687 581632 ----a-w- C:\Windows\SysWOW64\oleaut32.dll 2016-11-09 17:00:19 DE77051857B9424A1D84D0FA9EE0EF91 279040 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2016-11-09 17:00:19 DACADD12EAB0D4105C67BC1A4CB0BE04 1027584 ----a-w- C:\Windows\SysWOW64\IMJP10.IME 2016-11-09 17:00:19 D789020BC53B58C59791AB6087034A61 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll 2016-11-09 17:00:19 D4798407E750CDA7C3885D5B8E37403F 125952 ----a-w- C:\Windows\SysWOW64\chajei.ime 2016-11-09 17:00:19 C49F9656E525DE61C01A599A2776BCBC 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2016-11-09 17:00:19 C45CD99002A4BA7F14842375E1C442F3 430080 ----a-w- C:\Windows\SysWOW64\imkr80.ime 2016-11-09 17:00:19 AF40161FD6CC6F243A6E3F2181CA7FD0 125952 ----a-w- C:\Windows\SysWOW64\cintlgnt.ime 2016-11-09 17:00:19 A116C624FF8D9522C0FB7271B8679075 67584 ----a-w- C:\Windows\SysWOW64\asycfilt.dll 2016-11-09 17:00:19 9A7331C81A4625AADBF0A469D9F1876C 416256 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2016-11-09 17:00:19 9A46231F565ECA4FEA9AA3DD4CAFDE55 342528 ----a-w- C:\Windows\SysWOW64\certcli.dll 2016-11-09 17:00:19 7AC6ACDBF5FAF53F786E66D43635C819 90112 ----a-w- C:\Windows\SysWOW64\pintlgnt.ime 2016-11-09 17:00:19 5A8B4C901136F17B418119C8B9DE31FA 346320 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2016-11-09 17:00:19 596D1F332737FFC909E1C821A3238D28 308456 ----a-w- C:\Windows\SysWOW64\atmfd.dll 2016-11-09 17:00:19 579E21723234BB05DC46B19C3BC65CCD 125952 ----a-w- C:\Windows\SysWOW64\qintlgnt.ime 2016-11-09 17:00:19 57563CF814A18670233C0812D0A114C2 230400 ----a-w- C:\Windows\SysWOW64\webcheck.dll 2016-11-09 17:00:19 4EEBE5DC0562FEE73714C7B8DB6E754B 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2016-11-09 17:00:19 4C7A52467D41DE158258A551C49CC169 829952 ----a-w- C:\Windows\SysWOW64\msctf.dll 2016-11-09 17:00:19 474E6D5718A08617EF48699DAC1C67EE 125952 ----a-w- C:\Windows\SysWOW64\phon.ime 2016-11-09 17:00:19 435C9129A479D912F53292DBDA5B1191 125952 ----a-w- C:\Windows\SysWOW64\quick.ime 2016-11-09 17:00:19 3528127B3B004A5A41245E11DD14B64D 701440 ----a-w- C:\Windows\SysWOW64\IMJP10K.DLL 2016-11-09 17:00:19 31CA273CC39FB99AA8E784A190E58074 202240 ----a-w- C:\Windows\SysWOW64\input.dll 2016-11-09 17:00:19 1BB1926737665BA62EC87284A069B0D1 693248 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2016-11-09 17:00:19 001A349F5C7C0A98F5957BAC52F58F80 741888 ----a-w- C:\Windows\SysWOW64\inetcomm.dll 2016-11-09 17:00:18 F78A44DB62D8708B105F25B49A173602 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2016-11-09 17:00:18 DE8821DA97BB8FA07C3970BD458205B6 644096 ----a-w- C:\Windows\SysWOW64\advapi32.dll 2016-11-09 17:00:18 D44A18C1EEAAF7E771B360DDCFC48518 553472 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2016-11-09 17:00:18 CCCA649EECB2190BC5A3F829B6A3979A 663552 ----a-w- C:\Windows\SysWOW64\jscript.dll 2016-11-09 17:00:18 CBA76F0D87ED8F481CD87B023EFD64AF 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2016-11-09 17:00:18 C7A3FE59BE6BA47DA76A3625D01AEA9C 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2016-11-09 17:00:18 C32B5B864280341387808AD232D62E38 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll 2016-11-09 17:00:18 BBBDF09B55103BB7AEFD348584CFBF00 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2016-11-09 17:00:18 B91D88F3279FF2290F2C7CDD71971B5B 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-11-09 17:00:18 B218155D45399E742554ECFD5D9173EA 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll 2016-11-09 17:00:18 B147CA73C74AB89ED784328C9DB286D2 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2016-11-09 17:00:18 A583CFFE53566F9A7C292250A75843D6 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2016-11-09 17:00:18 9F55D5E1D7C62F51F021F2B81F51FC62 70656 ----a-w- C:\Windows\SysWOW64\fontsub.dll 2016-11-09 17:00:18 953B036B621A8300705ADA7696D0612D 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2016-11-09 17:00:18 8C1B4231DF981A8D95D0B58799DD7A35 254464 ----a-w- C:\Windows\SysWOW64\schannel.dll 2016-11-09 17:00:18 889BE428534CB9E1AB42805F7A35B18E 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2016-11-09 17:00:18 73BDA490A7B9FE900AFEF093F572EB42 34304 ----a-w- C:\Windows\SysWOW64\atmlib.dll 2016-11-09 17:00:18 72A61A1205F5C7626C39A4C8C1EE2966 91136 ----a-w- C:\Windows\SysWOW64\inseng.dll 2016-11-09 17:00:18 659867EFA2105808220C3B5BFD696285 84480 ----a-w- C:\Windows\SysWOW64\INETRES.dll 2016-11-09 17:00:18 6180C8A0C24065007BC34A3098BB0E4B 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2016-11-09 17:00:18 5FEA608549A47841C77C0FF088D2B980 498688 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2016-11-09 17:00:18 5E0DEF87D65768C38758254A8AB05180 25600 ----a-w- C:\Windows\SysWOW64\lpk.dll 2016-11-09 17:00:18 5D58A9A092CC9F1AEAF8A2CFCFFF5B95 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll 2016-11-09 17:00:18 582B1574976A53112A600CC523D353AC 275456 ----a-w- C:\Windows\SysWOW64\KernelBase.dll 2016-11-09 17:00:18 5608FACC9ADDCE0EE8BD084EE968EFB4 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2016-11-09 17:00:18 491E239A590051D2ACE3AA514BDFE82D 141312 ----a-w- C:\Windows\SysWOW64\rpchttp.dll 2016-11-09 17:00:18 44E7D66C3F0E2896239B03073714AF19 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2016-11-09 17:00:18 44A80962762BBE125D7593E6F62F58BF 476160 ----a-w- C:\Windows\SysWOW64\ieui.dll 2016-11-09 17:00:18 441766E9D3DC1548799F16F3B1464037 10240 ----a-w- C:\Windows\SysWOW64\dciman32.dll 2016-11-09 17:00:18 39EB5BE5CFADE72D973A7F5E088EB7EE 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2016-11-09 17:00:18 35AED5EB93D4476259A1AB573149FD81 341504 ----a-w- C:\Windows\SysWOW64\html.iec 2016-11-09 17:00:18 31D2C45DC57BFD796097045B1820E2BE 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll 2016-11-09 17:00:18 2C9CD83111AE1B18A7331C66EDF4969D 666112 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll 2016-11-09 17:00:18 23407251A65842CA98769FC06288169F 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2016-11-09 17:00:18 228CF2CB0632BB822D8700EB681EE934 36352 ----a-w- C:\Windows\SysWOW64\cryptbase.dll 2016-11-09 17:00:18 12E21F14F3A8E16DE2714064A733B44F 130048 ----a-w- C:\Windows\SysWOW64\occache.dll 2016-11-09 17:00:18 12340D95B5AF0497DDB0DB98CA301B4E 223232 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2016-11-09 17:00:18 0A1A9619E1D22971E92B0F0CAFB69147 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2016-11-09 17:00:18 08D4B51D253445837FF74786FFAE2523 50688 ----a-w- C:\Windows\SysWOW64\appidapi.dll 2016-11-09 17:00:17 D7D84D597FDB84C9B265A1F14A50D1BE 690688 ----a-w- C:\Windows\SysWOW64\adtschema.dll 2016-11-09 17:00:17 AD15B935EAFBC9B95102FDE45C12043C 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2016-11-09 17:00:17 899F09C4FBEB5B57213061153908C963 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2016-11-09 17:00:17 6A519FC9FC2FFAFC7A98237D1AFDB2BB 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2016-11-09 17:00:17 5EFA8E04BB2364CF18C07918F3661C4B 6656 ----a-w- C:\Windows\SysWOW64\apisetschema.dll 2016-11-09 17:00:17 41446E17E2EF8363719487295B188C7B 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll 2016-11-09 17:00:17 0B329D1E1E7BCEED71BFFE22C69A1CCC 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2016-11-09 17:00:22 3F23D0F5A8FCE133E0E19FB044F2DCB6 25763328 ----a-w- C:\Windows\Sysnative\mshtml.dll 2016-11-09 17:00:21 A131BD24873EC3458C6D95B9C2551223 6047744 ----a-w- C:\Windows\Sysnative\jscript9.dll 2016-11-09 17:00:21 1F5A9411002BF021C16628D757C59467 15257088 ----a-w- C:\Windows\Sysnative\ieframe.dll 2016-11-09 17:00:20 FAAB5EC8BC5A0F5F15B7BB73798188B2 631176 ----a-w- C:\Windows\Sysnative\winresume.efi 2016-11-09 17:00:20 F66A08C7C6C44080BE352D4B770C1F59 1462272 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2016-11-09 17:00:20 ECFCBD328C57E6EE2966B52A179016AE 2920448 ----a-w- C:\Windows\Sysnative\wininet.dll 2016-11-09 17:00:20 C3C2755B262F02FE10B3AE42D814879B 3219456 ----a-w- C:\Windows\Sysnative\win32k.sys 2016-11-09 17:00:20 A934C95049C5B41DE81D6A11D0E9CB05 2896384 ----a-w- C:\Windows\Sysnative\iertutil.dll 2016-11-09 17:00:20 92C29FF58CF827692A72FA122854EB29 5547752 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2016-11-09 17:00:20 7F0729442EADB6425634505B743398F0 221184 ----a-w- C:\Windows\Sysnative\UIAnimation.dll 2016-11-09 17:00:20 79A45B5E239F9B9321C91126BAED68E6 1732864 ----a-w- C:\Windows\Sysnative\ntdll.dll 2016-11-09 17:00:20 6CCAD181B5120CD5822D91A5583907F1 3649536 ----a-w- C:\Windows\Sysnative\MSVidCtl.dll 2016-11-09 17:00:20 67BACF78C7034AA407933BAD373B35FF 382696 ----a-w- C:\Windows\Sysnative\atmfd.dll 2016-11-09 17:00:20 4E5685327B34790AE892DF897555950F 1543680 ----a-w- C:\Windows\Sysnative\urlmon.dll 2016-11-09 17:00:20 3891EA60B84EFE115CE070311FA83BBB 370920 ----a-w- C:\Windows\Sysnative\clfs.sys 2016-11-09 17:00:20 25FFCF91BDD27539AB151C5AE93F504E 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2016-11-09 17:00:20 24D8C00C467A61D68A5E7EAAB5C478CB 316928 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2016-11-09 17:00:20 1D8EB08A2CEAFBE0A1C59D293EF728D5 706792 ----a-w- C:\Windows\Sysnative\winload.efi 2016-11-09 17:00:19 FAF3A8ED74438524DD041DFC8F705E8F 457216 ----a-w- C:\Windows\Sysnative\imkr80.ime 2016-11-09 17:00:19 EBDF13A76F776A46D8ACC6D9A9FA6E29 175104 ----a-w- C:\Windows\Sysnative\qintlgnt.ime 2016-11-09 17:00:19 E918050D8256CF1D8E5445DFD47858BD 199680 ----a-w- C:\Windows\Sysnative\msrating.dll 2016-11-09 17:00:19 C6E26D95BEE05EDC8192D4EA582BBC0D 84992 ----a-w- C:\Windows\Sysnative\asycfilt.dll 2016-11-09 17:00:19 C6B55B3EE3A52D875262CC9B4BDE0434 2131456 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2016-11-09 17:00:19 C5D926B411F7D1AF7933D93CAD77A4F0 1148416 ----a-w- C:\Windows\Sysnative\IMJP10.IME 2016-11-09 17:00:19 C4D64CD51350A41BC9927610A72C5375 489984 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2016-11-09 17:00:19 C1EDF38682613357B9B6393BDA8C7F4B 132608 ----a-w- C:\Windows\Sysnative\pintlgnt.ime 2016-11-09 17:00:19 BA212E008752C47D39FE38A158F3570F 615936 ----a-w- C:\Windows\Sysnative\ieui.dll 2016-11-09 17:00:19 A967FC1415366B4493EF45D4020836EE 976896 ----a-w- C:\Windows\Sysnative\inetcomm.dll 2016-11-09 17:00:19 A5CF57DB0A097010615BF0438ECBF91E 725504 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2016-11-09 17:00:19 9C747660E28B7D1A17B85A1E45D54A99 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2016-11-09 17:00:19 946B6D5ED0C8D6705EDC3B7B36D88602 463872 ----a-w- C:\Windows\Sysnative\certcli.dll 2016-11-09 17:00:19 906414D610D234B69B9C000C5293A42C 175104 ----a-w- C:\Windows\Sysnative\cintlgnt.ime 2016-11-09 17:00:19 8D81291A03E00B76A14A4324FACE8487 878080 ----a-w- C:\Windows\Sysnative\IMJP10K.DLL 2016-11-09 17:00:19 8567C536C923941859615E0377EFF06A 877056 ----a-w- C:\Windows\Sysnative\oleaut32.dll 2016-11-09 17:00:19 62589BC2175B1B7025FD679EDB60213C 176128 ----a-w- C:\Windows\Sysnative\tintlgnt.ime 2016-11-09 17:00:19 526E62DEF3A178FF5BD920486A1E3FE8 175104 ----a-w- C:\Windows\Sysnative\quick.ime 2016-11-09 17:00:19 507098FC09418BC9F75D20398E702F2E 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2016-11-09 17:00:19 4B913C4E7EACC3A2441C78864DFA6D17 175104 ----a-w- C:\Windows\Sysnative\chajei.ime 2016-11-09 17:00:19 47CF5397595827DD5E63D6E4115171DE 246784 ----a-w- C:\Windows\Sysnative\input.dll 2016-11-09 17:00:19 4101B0A44D8C66A4EDC26F7E8FEA1B04 394440 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2016-11-09 17:00:19 357F13C0FDF9B3FF6899AB9155EB6BF2 262144 ----a-w- C:\Windows\Sysnative\webcheck.dll 2016-11-09 17:00:19 30B206F2C7B29B53F501B6522ACEDA14 315392 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2016-11-09 17:00:19 2CA3BD41D0A6A94A91B8FFA0D9B79E2B 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2016-11-09 17:00:19 27BACCB4856BEC0DD4A794531BB13AAA 1068544 ----a-w- C:\Windows\Sysnative\msctf.dll 2016-11-09 17:00:19 0622A1F4DBC57DB61D9C6F137E3188AE 175104 ----a-w- C:\Windows\Sysnative\phon.ime 2016-11-09 17:00:19 045BEC956EBE7320CF736CBCBC2E8AE3 806912 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2016-11-09 17:00:18 FFBA0B0CD143EFB3EF4E5EF2ECC5F200 46080 ----a-w- C:\Windows\Sysnative\atmlib.dll 2016-11-09 17:00:18 F9842669B31F20B8B157D33CCC457820 34816 ----a-w- C:\Windows\Sysnative\appidsvc.dll 2016-11-09 17:00:18 F8859139D6579EB096C20410DCF0D7D9 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2016-11-09 17:00:18 EAB56B1ABB511154630D149938359C88 100864 ----a-w- C:\Windows\Sysnative\fontsub.dll 2016-11-09 17:00:18 E9CAA043E0628541A99C8AE05D081CF9 730624 ----a-w- C:\Windows\Sysnative\kerberos.dll 2016-11-09 17:00:18 E21493887E77353FD489699848EC84F0 338432 ----a-w- C:\Windows\Sysnative\conhost.exe 2016-11-09 17:00:18 DE60EA15DA87FAF5E0B6FEBE17EBD881 817664 ----a-w- C:\Windows\Sysnative\jscript.dll 2016-11-09 17:00:18 DC33E2C20D40A56F9FDDBA6DDE01B046 1212928 ----a-w- C:\Windows\Sysnative\rpcrt4.dll 2016-11-09 17:00:18 CEFD8C5BB2E9BD14A39540517464B021 28672 ----a-w- C:\Windows\Sysnative\sspisrv.dll 2016-11-09 17:00:18 C6D4354A57864E970290E971447A20A3 417792 ----a-w- C:\Windows\Sysnative\html.iec 2016-11-09 17:00:18 BBCAD604A848F959CCF81ECBDC8BB8C4 1163264 ----a-w- C:\Windows\Sysnative\kernel32.dll 2016-11-09 17:00:18 B59BF151A214538720F3EB9134C9EF22 345600 ----a-w- C:\Windows\Sysnative\schannel.dll 2016-11-09 17:00:18 B4EEDFCB3049F8C074B748036D1DA2C6 503808 ----a-w- C:\Windows\Sysnative\srcore.dll 2016-11-09 17:00:18 B312BD44E030F8C8F64C02DFE8F3F69B 43520 ----a-w- C:\Windows\Sysnative\cryptbase.dll 2016-11-09 17:00:18 B0DB2A055F15AE42228D18237EDB92B2 50176 ----a-w- C:\Windows\Sysnative\srclient.dll 2016-11-09 17:00:18 B029D3710298FE55B65145F3A0BB3F2F 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2016-11-09 17:00:18 AE1E16AACBFA9EC432C1E65847CB077A 14336 ----a-w- C:\Windows\Sysnative\dciman32.dll 2016-11-09 17:00:18 AAAA2A9B0B7BD0EB903997A3D1865B6D 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2016-11-09 17:00:18 A885F632B62F30B269E925B4D0142F22 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2016-11-09 17:00:18 A878C2E0BBC9830FA9C7ADDD08A728BC 243712 ----a-w- C:\Windows\Sysnative\wow64.dll 2016-11-09 17:00:18 A84539CF60070F84084FE405E6168899 28160 ----a-w- C:\Windows\Sysnative\secur32.dll 2016-11-09 17:00:18 A7830341DD6650A833AAD0B4C5312920 152064 ----a-w- C:\Windows\Sysnative\occache.dll 2016-11-09 17:00:18 A5794B1E3ACEF48E716F0A89C83C1AEA 215552 ----a-w- C:\Windows\Sysnative\winsrv.dll 2016-11-09 17:00:18 A4BDB0372693A539C21D4C7D21CC0C46 112640 ----a-w- C:\Windows\Sysnative\smss.exe 2016-11-09 17:00:18 934E5A6D6A9DCAC7470BD7D2486DA9B8 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2016-11-09 17:00:18 92F10AB561C3E414370757683A711F36 210432 ----a-w- C:\Windows\Sysnative\wdigest.dll 2016-11-09 17:00:18 92DAF7D21711117B007608CB50FBD2E2 30720 ----a-w- C:\Windows\Sysnative\lsass.exe 2016-11-09 17:00:18 84D60E1DCD541DBD7689303169E878EB 312320 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2016-11-09 17:00:18 7DB4D1964F00B4F31F72CC9B049FDC47 419840 ----a-w- C:\Windows\Sysnative\KernelBase.dll 2016-11-09 17:00:18 745C19F76540C3CCE69EB49592739268 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2016-11-09 17:00:18 72164450A57F51D1100D982D84A9C976 41472 ----a-w- C:\Windows\Sysnative\lpk.dll 2016-11-09 17:00:18 705857211244642D5185CE888FEE37A5 148480 ----a-w- C:\Windows\Sysnative\appidpolicyconverter.exe 2016-11-09 17:00:18 6E2FF8F3D6537A86077CA060ABDD6479 63488 ----a-w- C:\Windows\Sysnative\setbcdlocale.dll 2016-11-09 17:00:18 66785B768A51C639DBE0A3933EF43614 135680 ----a-w- C:\Windows\Sysnative\sspicli.dll 2016-11-09 17:00:18 614755AC95787735029EE4F0658F2295 59904 ----a-w- C:\Windows\Sysnative\appidapi.dll 2016-11-09 17:00:18 59B87DB9D710F0512779397840394E6D 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2016-11-09 17:00:18 501B99095153384685FBF03062E0C0D7 107520 ----a-w- C:\Windows\Sysnative\inseng.dll 2016-11-09 17:00:18 46C1D2F6905B5324C3C3082F039F8B87 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2016-11-09 17:00:18 462BFB0F420BC21C24D7B662B87280AD 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll 2016-11-09 17:00:18 45FF3A9FB53826612E26F9F918AE3EB5 17920 ----a-w- C:\Windows\Sysnative\appidcertstorecheck.exe 2016-11-09 17:00:18 411438B1CD2BF12203E89DD85CA42DEF 44032 ----a-w- C:\Windows\Sysnative\csrsrv.dll 2016-11-09 17:00:18 3CE16F9593CD8B6BE9E083074D151C18 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2016-11-09 17:00:18 36357C57AF72805D1D74CE65480E6600 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll 2016-11-09 17:00:18 3311BD3B38C290B1D5CBFAA65881627A 84480 ----a-w- C:\Windows\Sysnative\INETRES.dll 2016-11-09 17:00:18 330D6700D0D1526A9F347942EC22AFB5 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2016-11-09 17:00:18 2EE416FDC963693E90DF661FA2D053ED 576000 ----a-w- C:\Windows\Sysnative\vbscript.dll 2016-11-09 17:00:18 2E6AEFD4871E7504C8271EE8CB60A3EA 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2016-11-09 17:00:18 2D074BA976DCDB990BC6CCA8D57D801E 190464 ----a-w- C:\Windows\Sysnative\rpchttp.dll 2016-11-09 17:00:18 2ACB05039D65C007CDB380430F6AC196 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2016-11-09 17:00:18 247A064BB64059F92C01FBC24DC41A3A 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe 2016-11-09 17:00:18 1526FAAB2EB2F52C84715302AAF5471E 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe 2016-11-09 17:00:18 13AF560F1824C8919F2F1E27DEBF1A06 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll 2016-11-09 17:00:18 0F7E768079F32702FEDEC872F21F0524 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2016-11-09 17:00:18 00DD8E860A4653AC73D4BA35B4DE26EF 880640 ----a-w- C:\Windows\Sysnative\advapi32.dll 2016-11-09 17:00:17 F63F91CAB45E6B38ECC4CF211931E0B2 690688 ----a-w- C:\Windows\Sysnative\adtschema.dll 2016-11-09 17:00:17 966D94194277930A0B474443D5622C1B 6656 ----a-w- C:\Windows\Sysnative\apisetschema.dll 2016-11-09 17:00:17 3A2BBD55E1C854CE05028C952B7FFFE0 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll 2016-11-09 17:00:17 102D3DF56F1F6B2570F5CF6CF6B58F2E 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll ====== C:\Windows\Sysnative\drivers ===== 2016-11-09 17:00:19 E4A599EDFAAB66C2BC17FB1593DC129B 154856 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2016-11-09 17:00:19 ABA3984C822E4D3F889699912D85D6C5 90112 ----a-w- C:\Windows\Sysnative\drivers\bowser.sys 2016-11-09 17:00:19 1F4B52A496A43C65AB0F26169650FAF2 95464 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2016-11-09 17:00:18 F7622CFE3402A9BF10227BB124901E54 129536 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2016-11-09 17:00:18 8DF2B80510F438CFEC479181BD29C794 291328 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys 2016-11-09 17:00:18 25F918BB5D57C99FFEB0255143D0DF9A 159744 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2016-11-09 17:00:18 0CD7BFDE151223C6976C5D1B3D49EB84 62464 ----a-w- C:\Windows\Sysnative\drivers\appid.sys 2016-11-07 11:08:26 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2016-11-09 18:37:25 -------- d-----w- C:\Program Files\7-Zip 2016-11-08 15:50:51 -------- d-----w- C:\Program Files\Sony 2016-11-01 13:48:04 -------- d-----w- C:\Program Files\Gramblr ======= C:\PROGRA~2 ===== 2016-11-03 21:08:57 -------- d-----w- C:\PROGRA~2\FEZ 2016-11-03 21:01:38 -------- d-----w- C:\PROGRA~2\R.G. Mechanics ======= C: ===== 2016-11-01 10:01:21 B8E0F17848334EC2B49C6C9FB5AE9606 1728 ----a-w- C:\DelFix.txt ====== C:\Users\Beast\AppData\Roaming ====== 2016-11-08 15:51:13 -------- d-----w- C:\Users\Beast\AppData\Roaming\Apple Computer 2016-11-03 21:09:32 -------- d-----w- C:\Users\Beast\AppData\Roaming\FEZ 2016-11-03 21:02:13 ACEF49DB01BDACBF5B89201A3DED8329 12005 ----a-w- C:\Users\Beast\AppData\Roaming\alsoft.ini 2016-11-03 12:11:26 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2016-11-03 12:11:26 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2016-11-03 12:11:26 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2016-11-03 12:11:26 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2016-11-03 12:11:26 -------- d-----w- C:\Users\Beast\AppData\Local\Temp 2016-11-01 14:03:16 F71211B6AA933CE90C9C9715DA658025 139056 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat 2016-11-01 11:00:35 9469FEEDF3D01A3CB16D64832D10A4E8 58016 ----a-w- C:\Users\Beast\AppData\Local\GDIPFONTCACHEV1.DAT 2016-10-26 20:52:17 -------- d-----w- C:\Users\Beast\AppData\Local\Sony ====== C:\Users\Beast ====== 2016-11-09 18:37:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2016-11-09 18:27:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 2016-11-05 09:58:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2016-11-05 09:58:33 -------- d-----w- C:\ProgramData\Package Cache 2016-11-03 21:09:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FEZ 2016-11-01 13:48:03 -------- d-----w- C:\ProgramData\Gramblr 2016-10-27 11:39:58 -------- d-----w- C:\ProgramData\RELOADED 2016-10-26 11:47:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller ====== C: exe-files == 2016-11-22 18:40:44 EEA53F8F5596F1B7AEC447F7A210D5BE 9763848 ----a-w- C:\Users\Beast\AppData\Local\NVIDIA\NvBackend\Packages\000097a4\DAO.21398946.exe 2016-11-22 16:52:52 511731B5707C71A4DA5A3F564137F66D 346512 ----a-w- C:\Users\Beast\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe 2016-11-22 16:52:48 5285F0F1FC2C642E349CD0B183554E29 403856 ----a-w- C:\Users\Beast\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe 2016-11-22 09:46:02 E8EF1477B7F57B750433D5A67E3DF9F9 841608 ----a-w- C:\Users\Beast\AppData\Local\IE Tab\9.11.21.1\ietabhelper.exe 2016-11-20 21:50:16 BB563C884764DC0342B1622207BA02E5 390144 ----a-w- C:\Users\Beast\AppData\Roaming\uTorrent\updates\3.4.9_42923\utorrentie.exe 2016-11-20 21:24:46 13B544153B29EB29729E0C30C4219CCD 2145472 ----a-w- C:\Users\Beast\AppData\Roaming\uTorrent\updates\3.4.9_42923.exe 2016-11-17 19:26:26 54CAC87B5623141BDED15F97EB7F25A3 2259448 ----a-w- C:\Users\Beast\AppData\Local\Google\Chrome\User Data\SwReporter\14.81.1\software_reporter_tool.exe === C: other files == 2016-11-22 22:55:00 8EC86D39B2453C393D92A38B928E50D2 296592 ----a-w- C:\Users\Beast\AppData\Roaming\Kodi\addons\packages\script.icechannel.extn.xunitytalk-0.9.3.zip 2016-11-18 16:10:09 59878009C938B50FF9C9E589FE31AF36 296621 ----a-w- C:\Users\Beast\AppData\Roaming\Kodi\addons\packages\script.icechannel.extn.xunitytalk-0.9.2.zip 2016-11-16 21:56:43 4F10DABB16869956BF660047AF4AF2EA 908820 ----a-w- C:\Users\Beast\AppData\Roaming\Kodi\addons\packages\script.module.urlresolver-3.0.24.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3473739808-715647190-2127078386-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun" "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun" "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Start WingMan Profiler"="C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui" "Launch LCore"="C:\Program Files\Logitech Gaming Software\LCore.exe /minimized" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DAEMON Tools Lite" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GarminExpressTrayApp] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GarminExpressTrayApp" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Garmin\\Express Tray\\ExpressTray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OscarEditor] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="OscarEditor" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\MOUSE Editor\\MouseEditor.exe\" Minimum" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [08/11/2016 17:07] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:;6C:\ProgramC:FilesC:x86\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29/03/2016 19:18] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\Driver Booster SkipUAC (Beast)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe] "C:\Windows\SysNative\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe] "C:\Windows\SysNative\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe] "C:\Windows\SysNative\tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe] "C:\Windows\SysNative\tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe] "C:\Windows\SysNative\tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe] "C:\Windows\SysNative\tasks\SafeZone scheduled Autoupdate 1458748759" [C:\Program Files\AVAST Software\SZBrowser\launcher.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\AVAST Software\Avast settings backup" [C:\Program Files\Common Files\AV\avast Antivirus\backup.exe] "C:\Windows\SysNative\tasks\Intel\Intel Telemetry 2" [C:\Program Files\Intel\Telemetry 2.0\lrio.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Beast\AppData\Roaming\Mozilla\Firefox\Profiles\6d2ypipm.default user_pref("browser.startup.homepage", "www.google.be"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [07/10/2016 08:15] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [07/10/2016 08:15] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Beast\AppData\Roaming\Mozilla\Firefox\Profiles\6d2ypipm.default - HTTPS-Everywhere - %ProfilePath%\extensions\https-everywhere-eff@eff.org - Disconnect - %ProfilePath%\extensions\2.0@disconnect.me.xpi - YouTube Control Center - %ProfilePath%\extensions\jid1-CikLKKPVkw6ipw@jetpack.xpi - Undo Closed Tabs Button - %ProfilePath%\extensions\undoclosedtabsbutton@supernova00.biz.xpi - SmoothWheel AMO - %ProfilePath%\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi - Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Beast\AppData\Roaming\Mozilla\Firefox\Profiles\6d2ypipm.default 83FCFA3C1E0D7523C21CCFBF336D2687 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll - Shockwave Flash ==== Chromium Look ====================== Magic Actions for YouTube - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif Web of Trust - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp Spell Bee - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfbnahffpakjbdlccohcoglcnafhgnhm SimpleUndoClose - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhohdghchmjepmigjojkehidlielknj HTTPS Everywhere - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp Shield For Chrome - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\gceighgadbamgchioaofojlblndjcggh Web Timer - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggnjbdfgigejghknieofeahaknkjafim ClickClean - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod Whitelisted domains - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Hover Free - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcmnnggnaofmhflgomfjfbndngdoogkj IE Tab - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd Social Fixer for Facebook - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb Disconnect - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo Momentum - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca Currency Converter - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lncdobdbibdgoiohgnflmjajfphcnakg Google Dictionary (by Google) - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja GetThemAll Video Downloader - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbkekaeindpfpcoldfckljplboolgkfm Save to Pocket - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj Chrome Web Store Payments - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ClickClean App - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp Virtual Keyboard - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflmllfnnabikmfkkaddkoolinlfninn Gmail - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Chrome Media Router - Beast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== IE Start and Search Settings ====================== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user') O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1474114344319 O17 - HKLM\System\CCS\Services\Tcpip\..\{4141A2D9-86A4-4E88-A206-76499ACA61B7}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CS1\Services\Tcpip\..\{4141A2D9-86A4-4E88-A206-76499ACA61B7}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CS2\Services\Tcpip\..\{4141A2D9-86A4-4E88-A206-76499ACA61B7}: NameServer = 8.8.8.8,8.8.4.4 O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Foxit Reader Service (FoxitReaderService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe O23 - Service: Windows Connectiviteit voor Gramblr. (gramblrclient) - Unknown owner - C:\Program Files\Gramblr\gramblr.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing) O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Logitech Gaming Registry Service (LogiRegistryService) - Logitech Inc. - C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA Wireless Controller Service - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Xperia Companion-service (XperiaCompanionService) - Sony - C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe ==== C:\zoek_backup content ====================== C:\zoek_backup (files=4 folders=2 1140 bytes) ==== EOF on wo 23/11/2016 at 17:44:30,89 ======================