Zoek.exe v5.0.0.0 Updated 23-December-2013
Tool run by Robbert van Soerland on za 28-12-2013 at 17:08:34,72.
Microsoft Windows 8 Pro 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ROBBER~1\AppData\Local\Temp\Rar$DIa0.801\zoek.com [Scan all users] [Script inserted]
==== System Restore Info ======================
28-12-2013 17:09:11 Zoek.exe System Restore Point Created Succesfully.
==== Torpig Check ======================
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll
==== Empty Folders Check ======================
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\Origin Games deleted successfully
C:\ProgramData\Oracle deleted successfully
C:\Users\Robbert van Soerland\AppData\Local\CRE deleted successfully
C:\Users\Robbert van Soerland\AppData\Local\NativeMessaging deleted successfully
C:\Users\Robbert van Soerland\AppData\Local\VirtualStore deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1687467974-2363327161-508467261-1001\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Running Processes ======================
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
E:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
E:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Windows\SysWOW64\PnkBstrA.exe
E:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
E:\Fraps\fraps.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\Overwolf\Overwolf.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
E:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper.exe
E:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\PROGRA~2\Conduit deleted
C:\ProgramData\APN deleted
C:\ProgramData\Package Cache deleted
C:\Users\Robbert van Soerland\AppData\Local\SearchProtect deleted
C:\Users\Robbert van Soerland\AppData\Local\Programs deleted
C:\Users\Robbert van Soerland\AppData\Local\Conduit deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Programs deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart PC Cleaner deleted
C:\Users\Robbert van Soerland\AppData\LocalLow\Conduit deleted
C:\END deleted
C:\Windows\Syswow64\RegistryHelperLM.ocx deleted
C:\Windows\Syswow64\SearchProtect deleted
==== System Specs ======================
Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 8137 MB
CPU Info: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
CPU Speed: 3403,2 MHz
Sound Card: Speakers (Realtek High Definiti |
Realtek Digital Output (Realtek |
Display Adapters: NVIDIA GeForce GTX 760 | NVIDIA GeForce GTX 760 | NVIDIA GeForce GTX 760 | NVIDIA GeForce GTX 760
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Killer e2200 Gigabit Ethernet Controller (NDIS 6.30)
CD / DVD Drives: 2x (D: | G: | ) D: HL-DT-STDVDRAM GH24NSB0 | G: DTSOFT BDROM
Ports: COM1 LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C: 111,8GB | E: 931,5GB
Hard Disks - Free: C: 70,6GB | E: 656,8GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 09/22/13 | ALASKA - 1072009
Time Zone: W. Europe Standard Time
Motherboard *: MSI Z87-G45 GAMING (MS-7821)
Country: Nederland
Language: NLD
==== System Specs (Software) ======================
Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Google Chrome 31.0.1650.63
Internet Explorer Version: 10.0.9200.16750
Opera Browser version: 17.0.1241.45
Google Chrome version: 31.0.1650.63
Sun Java version: 1.7.0_45 (32-bit)
==== Files Recently Created / Modified ======================
====== C:\Windows ====
2013-12-12 15:22:10 2404D5AFE89BFB93B40D66E2F1123D4C 11832 ----a-w- C:\Windows\acpimof.dll
====== C:\Users\ROBBER~1\AppData\Local\Temp ====
2013-12-26 14:02:49 D8443B9F63353C4094664752D9B36E56 207872 ------w- C:\Users\Robbert van Soerland\AppData\Local\Temp\SRLDetectionLibrary2327082358513690246.dll
2013-12-23 17:14:53 D88FBDE5EAED1FAC1D15FE01835D6E25 54137856 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\OverwolfSetup.msi
2013-12-18 19:45:48 7B66ECA3D2EFDF0500CA63B0A4F18AC1 131072 ------w- C:\Users\Robbert van Soerland\AppData\Local\Temp\{4C8E39B7-671E-42E1-B330-FAA1018175BC}\{8A83AB8D-8F49-4DB1-BDF6-D74037508614}\Common.dll
2013-12-18 19:45:48 6C94C1A0C37E47181872E542A70E4074 28672 ------w- C:\Users\Robbert van Soerland\AppData\Local\Temp\{4C8E39B7-671E-42E1-B330-FAA1018175BC}\{8A83AB8D-8F49-4DB1-BDF6-D74037508614}\RTFUtil.dll
2013-12-18 19:45:48 693D110D37331A42B5035E73C447E31D 51200 ------w- C:\Users\Robbert van Soerland\AppData\Local\Temp\{4C8E39B7-671E-42E1-B330-FAA1018175BC}\{8A83AB8D-8F49-4DB1-BDF6-D74037508614}\InstHelp.exe
2013-12-18 19:45:48 5A19E45818366B49CC93B5BC483265E8 286720 ------w- C:\Users\Robbert van Soerland\AppData\Local\Temp\{4C8E39B7-671E-42E1-B330-FAA1018175BC}\{8A83AB8D-8F49-4DB1-BDF6-D74037508614}\CTCabEx.DLL
2013-12-18 19:45:48 32FA757C64FB62F07F3205016656A0A7 368640 ------w- C:\Users\Robbert van Soerland\AppData\Local\Temp\{4C8E39B7-671E-42E1-B330-FAA1018175BC}\{8A83AB8D-8F49-4DB1-BDF6-D74037508614}\_setup.dll
2013-12-18 19:45:48 29C060FABBBAE7B6977AEBC338425B6F 45056 ------w- C:\Users\Robbert van Soerland\AppData\Local\Temp\{4C8E39B7-671E-42E1-B330-FAA1018175BC}\{8A83AB8D-8F49-4DB1-BDF6-D74037508614}\RegEdit.dll
2013-12-18 19:43:58 8407FC98EE367CCB196894F7CD218792 120768 ------w- C:\Users\Robbert van Soerland\AppData\Local\Temp\{57A3E585-7D39-4023-A010-F9E4D01C8925}\ISBEW64.exe
2013-12-16 17:23:12 B4151DA250B8BFA0EB61D875C4F43310 307200 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\CompressionExtraction\RzStorage.dll
2013-12-16 17:23:12 90BC548092D741B73AE25AD7D889156E 104448 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\CompressionExtraction\RzCommon.dll
2013-12-16 17:23:12 766D46FAC89CC817640CBAF50BDDF52D 70656 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\CompressionExtraction\RzStorageIO.dll
2013-12-16 17:23:12 27A43B342F1E09C38FCC08A4F23193D8 141144 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\CompressionExtraction\RzSettingsConverter.exe
2013-12-16 17:22:54 F8B188DFE37B54FB6CCEB9BA948AEAD9 4608 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\fr-FR\RzSynapse.resources.dll
2013-12-16 17:22:54 F4E530E1A841A535FF45D6401586DE1C 5632 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\zh-CN\RzUpdateManager.resources.dll
2013-12-16 17:22:54 EB3D7794BAFD66A6903F1487E4D920B7 5632 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\ru-RU\RzUpdateManager.resources.dll
2013-12-16 17:22:54 E15A1DA2756ABAEE0DEDC1CE8F9FC67F 4608 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\zh-CHT\RzSynapse.resources.dll
2013-12-16 17:22:54 DCFA78A7EE8B7FB18BFF059E8D2EE444 5632 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\de-DE\RzUpdateManager.resources.dll
2013-12-16 17:22:54 DC92C8FD181788FA89933EA07DC9F87D 4608 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\ko-KR\RzSynapse.resources.dll
2013-12-16 17:22:54 CB6E42F8C87DA9680638E18143DC55FE 5632 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\zh-CHT\RzUpdateManager.resources.dll
2013-12-16 17:22:54 C9B5C109A01A01E10B1566E09F2C812B 504832 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\RzUpdateManagerUI.dll
2013-12-16 17:22:54 8A70F81C37025540D41378A9C0DF5796 5632 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\ko-KR\RzUpdateManager.resources.dll
2013-12-16 17:22:54 796DEF5965606F5C7DE90FA4EA8B6E9D 5632 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\fr-FR\RzUpdateManager.resources.dll
2013-12-16 17:22:54 775F3B0C36CF1168ADBC1B057E0470AC 5632 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\ja-JP\RzUpdateManager.resources.dll
2013-12-16 17:22:54 6DED8FCBF5F1D9E422B327CA51625E24 462336 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\Ionic.Zip.dll
2013-12-16 17:22:54 6C8423B24CA645CE99944A5943A969FB 5632 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\es-ES\RzUpdateManager.resources.dll
2013-12-16 17:22:54 6AD2D6FDBECD538DDC02A882D5820E1A 4608 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\pt-BR\RzSynapse.resources.dll
2013-12-16 17:22:54 5E2485699584969BEB70C8C1498579E8 4608 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\zh-CN\RzSynapse.resources.dll
2013-12-16 17:22:54 58E81C15C2D007CF7A57DD8E98E33814 5632 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\pt-BR\RzUpdateManager.resources.dll
2013-12-16 17:22:54 44B5C7090C470EABDC846C440C4B47C8 4608 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\ru-RU\RzSynapse.resources.dll
2013-12-16 17:22:54 40F697835AFB41481BFC94452FD5EF20 4608 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\es-ES\RzSynapse.resources.dll
2013-12-16 17:22:54 39E50F6D491BED1A8B7924EAF717DCA5 104448 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\RzCommon.dll
2013-12-16 17:22:54 240B7D7F08D500D3191D3C631F4CB675 305664 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\RzStorage.dll
2013-12-16 17:22:54 23D4E8B353E7B99B1F85736A94B88695 4608 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\de-DE\RzSynapse.resources.dll
2013-12-16 17:22:54 1287DE2AB65A70C6238C14C777C6E14D 4608 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\ja-JP\RzSynapse.resources.dll
2013-12-16 17:22:54 0F33F659858E4F55722735A6DEE888D7 365416 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\RzUpdater\RzUpdateManager.exe
====== Java Cache =====
2013-12-26 14:02:46 D41F3BBA3B6E699FD31957B5209C278F 354733 ----a-w- C:\Users\Robbert van Soerland\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\e729e45-40fbc7f4
2013-12-26 14:02:45 276340A085306D28CB0D4A9BA489DE3B 107 ----a-w- C:\Users\Robbert van Soerland\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\18962dbd-6.0.lap
====== C:\Windows\SysWOW64 =====
2013-12-16 18:22:19 3C6968F69C1150ECDD0EDA8A8A2A289B 1727256 ----a-w- C:\Windows\SysWOW64\MBAPO232.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2013-12-26 23:39:57 4B4050855236C4656EEBDF225E3480FA 328712 ----a-w- C:\Windows\Sysnative\MijFrc.dll
2013-12-18 19:45:57 7AAB733392C6CA841E6804AB3EE9C638 40576 ------w- C:\Windows\Sysnative\MBCfg64.dll
2013-12-16 18:22:19 ECAEC5FBBBEF8612AF0A866AFA5F7EF2 101208 ----a-w- C:\Windows\Sysnative\RTEEL64A.dll
2013-12-16 18:22:19 E9D4A333DF15D06C68AC4BFB9B6581CB 310104 ----a-w- C:\Windows\Sysnative\RP3DAA64.dll
2013-12-16 18:22:19 E7BED47F7A097E59657310DEE7EB1FB0 1998104 ----a-w- C:\Windows\Sysnative\MBAPO264.dll
2013-12-16 18:22:19 D0D0D82B7366E691275E433CD34F89B2 375128 ----a-w- C:\Windows\Sysnative\RTEEP64A.dll
2013-12-16 18:22:19 CA1D7D09854D305A64B100DC1400BA21 331880 ----a-w- C:\Windows\Sysnative\RtlCPAPI64.dll
2013-12-16 18:22:19 C08DE9FE49B8DE126EE7A42C7C80450E 1021656 ----a-w- C:\Windows\Sysnative\RtkApi64.dll
2013-12-16 18:22:19 B6FE01558CC03F3866C9AD0ED19261D8 310104 ----a-w- C:\Windows\Sysnative\RP3DHT64.dll
2013-12-16 18:22:19 A88BE9A6C4E646A2B2A1BD3A7F4B58E7 198896 ----a-w- C:\Windows\Sysnative\SRSHP64.dll
2013-12-16 18:22:19 A6286A6C7A1BBFCBA17AA54384A21D1C 204120 ----a-w- C:\Windows\Sysnative\RTEED64A.dll
2013-12-16 18:22:19 A028717B791416182959B325D5B40679 211184 ----a-w- C:\Windows\Sysnative\SRSTSH64.dll
2013-12-16 18:22:19 9979375E79B7237DEC691A379BE3E7A7 154840 ----a-w- C:\Windows\Sysnative\RCoInstII64.dll
2013-12-16 18:22:19 8814A281406553A2640D6A04702C63BD 14952 ----a-w- C:\Windows\Sysnative\RtkCoLDR64.dll
2013-12-16 18:22:19 73F5245D81AC7922808255847ED0F401 397080 ----a-w- C:\Windows\Sysnative\MBWrp64.dll
2013-12-16 18:22:19 6F4CD493196100EEF349D7132CECAFD9 78680 ----a-w- C:\Windows\Sysnative\RTEEG64A.dll
2013-12-16 18:22:19 6090C634C996CBA3DEB6A4A18ED91345 2588888 ----a-w- C:\Windows\Sysnative\RtkAPO64.dll
2013-12-16 18:22:19 3F8A63EDF6E0E6827D5494CD8720F7CC 1662024 ----a-w- C:\Windows\Sysnative\RTSnMg64.cpl
2013-12-16 18:22:19 2FCADCC14F8E540F6ADE4BF92BD8AEDD 155888 ----a-w- C:\Windows\Sysnative\SRSWOW64.dll
2013-12-16 18:22:19 2A7224C314131592497D02A57D867218 618200 ----a-w- C:\Windows\Sysnative\RtDataProc64.dll
2013-12-16 18:22:19 22CAB76AF907B82664FEDE6A653ABA2A 1286872 ----a-w- C:\Windows\Sysnative\RTCOM64.dll
2013-12-16 18:22:19 0E2C5B7C842024F50B1795A980C4D0FF 2810072 ----a-w- C:\Windows\Sysnative\RtPgEx64.dll
2013-12-16 18:22:19 0C089E47D8BD3996742F0939DE7E2D48 2103040 ----a-w- C:\Windows\Sysnative\WavesGUILib64.dll
2013-12-16 18:22:19 0805289E121F3E3C458C970B08314EB2 149608 ----a-w- C:\Windows\Sysnative\RtkCfg64.dll
2013-12-16 18:22:19 018D3D2478754AA411DE6DA6DE5F8F21 518896 ----a-w- C:\Windows\Sysnative\SRSTSX64.dll
2013-12-16 18:22:18 D956C3D6ECE65A10A1018A72E08C4973 1013504 ----a-w- C:\Windows\Sysnative\MaxxAudioAPOShell64.dll
2013-12-16 18:22:18 B3E9EA31E37EDCC1D54CE20504549ABE 108640 ----a-w- C:\Windows\Sysnative\AERTAR64.dll
2013-12-16 18:22:18 922CDA544EB5C5A57795B38ED5871B69 2743328 ----a-w- C:\Windows\Sysnative\FMAPO64.dll
2013-12-16 18:22:18 75616F8DB5C092A8A50AFEC273859DD7 318808 ----a-w- C:\Windows\Sysnative\MaxxAudioAPO20.dll
2013-12-16 18:22:18 6E14F444A2506049EEC25CB5EDFE0905 113576 ----a-w- C:\Windows\Sysnative\CONEQMSAPOGUILibrary.dll
2013-12-16 18:22:18 2CBDC11690656A1A2D03EC65AE2BCE68 209096 ----a-w- C:\Windows\Sysnative\AERTAC64.dll
2013-12-16 18:22:18 1A6C91215105B6B6C48B0F531E1CD8FA 2036992 ----a-w- C:\Windows\Sysnative\MaxxAudioEQ64.dll
2013-12-16 18:21:37 EE3B848C6408395CAC88FBD51B3654C7 448152 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT
====== C:\Windows\Sysnative\drivers =====
2013-12-26 23:47:51 9176C0822FAA649E45121875BE32F5D2 74960 ----a-w- C:\Windows\Sysnative\drivers\xusb21.sys
2013-12-26 23:47:51 5FEC1FF5BB9A1FA5C9CF4544D19D6D5D 115272 ----a-w- C:\Windows\Sysnative\drivers\MijXfilt.sys
2013-12-16 18:22:19 8FF2D95CBA49B405C5DE27039FF0BF35 32344 ----a-w- C:\Windows\Sysnative\drivers\MBfilt64.sys
2013-12-16 18:22:19 7A3585C4000C8340AE6B7FA08F9EF50F 3760344 ----a-w- C:\Windows\Sysnative\drivers\RTKVHD64.sys
2013-12-16 18:22:19 3533C7D5CC53FDF149B72CCDAE1B92C0 693329 ----a-w- C:\Windows\Sysnative\drivers\RTAIODAT.DAT
2013-12-12 18:12:01 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-12-12 15:16:03 E6AF4DF1817953D73C519B17CF849756 1455448 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys
2013-12-12 15:16:03 E5F7328B1D29BCE791862CD3C0DD382A 447320 ----a-w- C:\Windows\Sysnative\drivers\USBHUB3.SYS
2013-12-12 15:16:03 9110193D93960E38B8692E4519C75D72 285016 ----a-w- C:\Windows\Sysnative\drivers\spaceport.sys
2013-12-12 15:16:00 857433889008F86728E8C099C740729D 288768 ----a-w- C:\Windows\Sysnative\drivers\portcls.sys
2013-12-11 22:09:35 E54A699931F73E52C6DA2DA2776BA98D 39200 ----a-w- C:\Windows\Sysnative\drivers\nvvad64v.sys
2013-12-02 17:12:34 8E98D21EE06192492A5671A6144D092F 33240 ----a-w- C:\Windows\Sysnative\drivers\GEARAspiWDM.sys
====== C:\Windows\Tasks ======
2013-12-05 23:02:45 4397F1778B7BEB9B119EFA54EFD5EFF5 5098 ----a-w- C:\Windows\Sysnative\Tasks\Microsoft Office 15 Sync Maintenance for RobbertPC-Robbert van Soerland RobbertPC
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-12-16 18:22:23 -------- d-----w- C:\Program Files\Realtek
2013-12-02 17:12:31 -------- d-----w- C:\Program Files\iTunes
2013-12-02 17:12:31 -------- d-----w- C:\Program Files\iPod
2013-12-02 17:12:21 -------- d-----w- C:\Program Files\Common Files\Apple
2013-12-02 17:12:18 -------- d-----w- C:\Program Files\Bonjour
======= C:\PROGRA~2 =====
2013-12-23 17:15:54 -------- d-----w- C:\PROGRA~2\Overwolf
2013-12-23 17:15:54 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype
2013-12-23 17:15:54 -------- d-----w- C:\PROGRA~2\COMMON~1\Overwolf
2013-12-23 17:14:51 -------- d-----w- C:\PROGRA~2\TeamSpeak 3 Client
2013-12-16 18:20:36 -------- d-----w- C:\PROGRA~2\Realtek
2013-12-16 17:11:01 -------- d-----w- C:\PROGRA~2\Razer
2013-12-12 15:23:25 -------- d-----w- C:\PROGRA~2\Setup Files
2013-12-04 16:05:55 -------- d-----w- C:\PROGRA~2\SquirrelWeb
2013-12-02 17:12:24 -------- d-----w- C:\PROGRA~2\Apple Software Update
2013-12-02 17:12:18 -------- d-----w- C:\PROGRA~2\Bonjour
2013-12-02 17:12:14 -------- d-----w- C:\PROGRA~2\COMMON~1\Apple
======= C: =====
====== C:\Users\Robbert van Soerland\AppData\Roaming ======
2013-12-26 23:40:00 -------- d-----w- C:\Users\Robbert van Soerland\AppData\Roaming\MotioninJoy
2013-12-23 23:52:04 -------- d-----w- C:\Users\Robbert van Soerland\AppData\Roaming\Trine2
2013-12-23 17:15:56 -------- d-----w- C:\Users\Robbert van Soerland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2013-12-23 17:14:53 -------- d-----w- C:\Users\Robbert van Soerland\AppData\Roaming\TS3Client
2013-12-23 17:14:52 -------- d-----w- C:\Users\Robbert van Soerland\AppData\Local\Overwolf
2013-12-16 18:22:14 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-16 18:22:14 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-16 17:21:28 -------- d-----w- C:\Users\Robbert van Soerland\AppData\Local\Razer
2013-12-08 17:40:23 -------- d-----w- C:\Users\Robbert van Soerland\AppData\Local\Creative
2013-12-04 16:52:25 3C6034492ED538F24A29E614F58413C2 7602 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Resmon.ResmonCfg
2013-12-04 16:05:31 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Microsoft
2013-12-04 15:38:49 -------- d-----w- C:\Users\Robbert van Soerland\AppData\Local\Warframe
2013-12-03 21:24:25 -------- d-----w- C:\Users\Robbert van Soerland\AppData\Local\PAYDAY 2
2013-12-02 17:12:36 -------- d-----w- C:\Users\Robbert van Soerland\AppData\Roaming\Apple Computer
2013-12-02 17:12:36 -------- d-----w- C:\Users\Robbert van Soerland\AppData\Local\Apple Computer
2013-12-02 17:12:24 -------- d-----w- C:\Users\Robbert van Soerland\AppData\Local\Apple
2013-12-02 17:12:22 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Apple Computer
2013-11-28 16:44:56 -------- d-----w- C:\Users\Robbert van Soerland\AppData\Local\Introversion
2013-11-28 16:38:34 -------- d-----w- C:\Users\Robbert van Soerland\AppData\Roaming\Friends in War
====== C:\Users\Robbert van Soerland ======
2013-12-26 23:39:57 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
2013-12-23 17:14:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2013-12-16 18:22:14 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Videos
2013-12-16 18:22:14 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Searches
2013-12-16 18:22:14 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Saved Games
2013-12-16 18:22:14 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Pictures
2013-12-16 18:22:14 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Music
2013-12-16 18:22:14 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Links
2013-12-16 18:22:14 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Favorites
2013-12-16 18:22:14 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Downloads
2013-12-16 18:22:14 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Documents
2013-12-16 18:22:14 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Desktop
2013-12-16 18:22:14 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Contacts
2013-12-16 17:21:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2013-12-16 17:21:24 -------- d-----w- C:\ProgramData\Razer
2013-12-12 15:22:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2013-12-02 17:12:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2013-12-02 17:12:31 -------- d-----w- C:\ProgramData\Apple Computer
2013-12-02 17:12:31 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-02 17:12:14 -------- d-----w- C:\ProgramData\Apple
2013-11-28 16:41:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prison Architect - Alpha 14
====== C: exe-files ==
2013-12-28 13:06:19 B415FD51CD5CB36E77158B9FEA3027E4 320848 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\NVIDIA\NvBackend\Packages\00005680\streaming-assets-trine_2.17529143.exe
2013-12-27 13:05:36 FEF6357E86ED67A573B24FEBEE7A9ED5 2979424 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\NVIDIA\NvBackend\Packages\00005681\dao.17529219.exe
2013-12-26 23:47:38 6AF86F46BCDA144F79BEEB8D0EA13B95 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1687467974-2363327161-508467261-1001\$IYQSHK4.exe
2013-12-26 23:47:26 97E329C0974BB74CF97CBBD1AE3C5CBA 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1687467974-2363327161-508467261-1001\$IQ8ON20.exe
2013-12-26 23:46:16 A903136E356D1C18F87E357B74882944 2548160 ----a-w- C:\$Recycle.Bin\S-1-5-21-1687467974-2363327161-508467261-1001\$RQ8ON20.exe
2013-12-26 23:44:16 704FB725C9D29BE574DABAE178CC9984 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1687467974-2363327161-508467261-1001\$IIN7Q3D.exe
2013-12-26 23:44:12 A903136E356D1C18F87E357B74882944 2548160 ----a-w- C:\$Recycle.Bin\S-1-5-21-1687467974-2363327161-508467261-1001\$RIN7Q3D.exe
2013-12-26 23:39:21 5AE1BF5713CF1F0D682561D34779214D 4199240 ----a-w- C:\$Recycle.Bin\S-1-5-21-1687467974-2363327161-508467261-1001\$RYQSHK4.exe
2013-12-25 13:39:40 0D429B6C54941F22FC36E45124802580 111824 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6OXQE3F3\ism[1].exe
2013-12-24 15:34:48 9542F688A4C507EF7E95E77FC8EF87F3 29696 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\NVIDIA\NvBackend\StreamingAssets\trine_2\automated_launch.exe
2013-12-23 17:15:55 58D61281F2D3EE0EE886D24936FCDCED 404408 ----a-w- C:\Program Files (x86)\Overwolf\owUpdater.exe
2013-12-23 17:15:55 2B7D360154E5324F9BA181AF0DBFB2AA 96184 ----a-w- C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
2013-12-23 17:14:51 4B8FAFA33F7E11A8F426294F06A4B18F 126242 ----a-w- C:\Program Files (x86)\TeamSpeak 3 Client\Uninstall.exe
=== C: other files ==
2013-12-26 23:47:51 9176C0822FAA649E45121875BE32F5D2 74960 ----a-w- C:\Windows\System32\Drivers\xusb21.sys
2013-12-26 23:47:51 5FEC1FF5BB9A1FA5C9CF4544D19D6D5D 115272 ----a-w- C:\Windows\System32\Drivers\MijXfilt.sys
2013-12-25 13:38:16 F8265CED318665870D8336B9FFA9FD3B 7902204 ----a-w- C:\Users\Robbert van Soerland\AppData\Local\Temp\Vuze_5.2.0.0d_win64.zip
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-1687467974-2363327161-508467261-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
"EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"RGSC"="E:\Rockstar Games Social Club\RGSCLauncher.exe /silent"
"Overwolf"="C:\Program Files (x86)\Overwolf\Overwolf.exe -silent"
"ConduitFloatingPlugin_ojpijjmpahflnipadmlpgbjmagmjchkk"="C:\Windows\SysWOW64\Rundll32.exe C:\Users\ROBBER~1\AppData\Local\Temp\CT2504091\plugins\TBVerifier.dll,RunConduitFloatingPlugin ojpijjmpahflnipadmlpgbjmagmjchkk"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdReg"="C:\Windows\UpdReg.EXE"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"iTunesHelper"="E:\Program Files (x86)\iTunes\iTunesHelper.exe"
"Live Update 5"="E:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder"
"Razer Synapse"="C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
"Sound Blaster Cinema"="E:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe /r"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
"EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"RGSC"="E:\Rockstar Games Social Club\RGSCLauncher.exe /silent"
"Overwolf"="C:\Program Files (x86)\Overwolf\Overwolf.exe -silent"
"ConduitFloatingPlugin_ojpijjmpahflnipadmlpgbjmagmjchkk"="C:\Windows\SysWOW64\Rundll32.exe C:\Users\ROBBER~1\AppData\Local\Temp\CT2504091\plugins\TBVerifier.dll,RunConduitFloatingPlugin ojpijjmpahflnipadmlpgbjmagmjchkk"
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"MBCfg64"="C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~2\\SearchProtect\\SearchProtect\\bin\\SPVC64Loader.dll"
==== Startup Folders ======================
2013-10-05 14:12:21 2279 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\De Killer Network Manager van Qualcomm Atheros.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05-10-2013 15:13]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05-10-2013 15:13]
==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\FRAPS" [E:\Fraps\fraps.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Trigger KMS Activation" ["E:\KMSNano (Windows Activatie)\Activation\KMSnanov20.1\TriggerKMS.exe"]
==== Folders in C:\ProgramData 0-6 Months Old ======================
2013-10-05 13:58:52 -------- d-----w- C:\ProgramData\PRICache
2013-10-05 14:06:41 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2013-10-05 14:06:52 -------- d-----w- C:\ProgramData\NVIDIA
2013-10-05 14:12:17 -------- d-----w- C:\ProgramData\Bigfoot Networks
2013-10-05 14:15:35 -------- d-----w- C:\ProgramData\Creative
2013-10-05 14:15:44 -------- d-----w- C:\ProgramData\DAEMON Tools Lite
2013-10-05 14:18:40 -------- d-----w- C:\ProgramData\Microsoft Help
2013-10-05 14:28:33 -------- d-----w- C:\ProgramData\Electronic Arts
2013-10-05 14:28:33 -------- d-----w- C:\ProgramData\Origin
2013-10-05 20:03:53 -------- d-----w- C:\ProgramData\EA Core
2013-10-05 22:38:50 -------- d-----w- C:\ProgramData\Sun
2013-10-05 22:39:11 -------- d-----w- C:\ProgramData\SystemRequirementsLab
2013-10-07 18:28:29 -------- d-----w- C:\ProgramData\Skype
2013-11-05 14:40:59 -------- d-----w- C:\ProgramData\Malwarebytes
2013-11-11 18:35:44 -------- d-sh--w- C:\ProgramData\SecuROM
2013-11-21 20:49:50 -------- d-----w- C:\ProgramData\Orbit
2013-12-02 17:12:14 -------- d-----w- C:\ProgramData\Apple
2013-12-02 17:12:31 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-02 17:12:31 -------- d-----w- C:\ProgramData\Apple Computer
2013-12-16 17:21:24 -------- d-----w- C:\ProgramData\Razer
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gdnafjfahbdfphihncgadbegiaebehio - C:\Program Files (x86)\SquirrelWeb\gdnafjfahbdfphihncgadbegiaebehio.crx[]
Google Docs - Robbert van Soerland - Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Robbert van Soerland - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Robbert van Soerland - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Tribal Wars Time Extension - Robbert van Soerland - Default\Extensions\ckolnemglnnaaaeopconbampbdejaika
Google Search - Robbert van Soerland - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - Robbert van Soerland - Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Google Wallet - Robbert van Soerland - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Robbert van Soerland - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Chrome Fix ======================
C:\Users\Robbert van Soerland\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage deleted successfully
C:\Users\Robbert van Soerland\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage-journal deleted successfully
C:\Users\Robbert van Soerland\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pricegong.conduitapps.com_0.localstorage deleted successfully
C:\Users\Robbert van Soerland\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pricegong.conduitapps.com_0.localstorage-journal deleted successfully
C:\Users\Robbert van Soerland\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.conduit.com_0.localstorage deleted successfully
C:\Users\Robbert van Soerland\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.conduit.com_0.localstorage-journal deleted successfully
C:\Users\Robbert van Soerland\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_storage.conduit.com_0.localstorage deleted successfully
C:\Users\Robbert van Soerland\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_storage.conduit.com_0.localstorage-journal deleted successfully
C:\Users\Robbert van Soerland\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gdnafjfahbdfphihncgadbegiaebehio deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gdnafjfahbdfphihncgadbegiaebehio deleted successfully
==== HijackThis Entries ======================
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Live Update 5] E:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [Sound Blaster Cinema] "E:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" /r
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [RGSC] E:\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
O4 - HKCU\..\Run: [ConduitFloatingPlugin_ojpijjmpahflnipadmlpgbjmagmjchkk] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\ROBBER~1\AppData\Local\Temp\CT2504091\plugins\TBVerifier.dll",RunConduitFloatingPlugin ojpijjmpahflnipadmlpgbjmagmjchkk
O4 - Global Startup: De Killer Network Manager van Qualcomm Atheros.lnk = C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - E:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - E:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Overwolf Updater Service (OverwolfUpdaterService) - Overwolf - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Qualcomm Atheros Killer Service - Unknown owner - C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Robbert van Soerland\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Robbert van Soerland\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Robbert van Soerland\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=35 folders=33 12423979 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\Robbert van Soerland\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\ROBBER~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on za 28-12-2013 at 17:14:54,16 ======================
Oops, this was the log.