Zoek.exe v5.0.0.1 Updated 15-November-2015 Tool run by anne on ma 16/11/2015 at 18:45:59,03. Microsoft Windows 10 Home 10.0.10240 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\anne\Desktop\zoek.exe\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-12-09-180447.log 42846 bytes C:\zoek-results2014-12-10-212528.log 32425 bytes ==== Empty Folders Check ====================== C:\PROGRA~2\Cisco deleted successfully C:\PROGRA~2\Lexmark deleted successfully C:\Program Files\log deleted successfully C:\Program Files\Common Files\Intel deleted successfully C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\PROGRA~3\ThumbnailCache4R deleted successfully C:\Users\anne\AppData\Local\DriverToolkit deleted successfully C:\Users\anne\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\anne\AppData\Local\EmieSiteList deleted successfully C:\Users\anne\AppData\Local\EmieUserList deleted successfully C:\Users\anne\AppData\Local\NetworkTiles deleted successfully C:\Users\anne\AppData\Local\PackageStaging deleted successfully C:\Users\anne\AppData\Local\photoOptimizeHistoryDataBase deleted successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Adobe Acrobat Reader DC - Nederlands Adobe Flash Player 19 NPAPI Adobe Refresh Manager Apple Application Support Apple Mobile Device Support Apple Software Update Ashampoo AppLauncher (Medion) v.1.0.0 Belgium e-ID middleware 4.0.7 (build 7466) Bonjour BS.Player FREE CCleaner CutePDF Writer 3.0 CyberLink Home Cinema 10 CyberLink LabelPrint 2.5 CyberLink MediaEspresso 6.5 CyberLink PhotoDirector 4 CyberLink Power2Go 8 CyberLink PowerDirector 11 CyberLink PowerDVD 10 CyberLink PowerDVD Copy 1.5 CyberLink PowerRecover CyberLink YouCam 5 D3DX10 Dolby Digital Plus Home Theater DriverToolkit version 8.5.0.0 Fotogalerie Fotogalerija Fotąt r Galerie de photos Intel(R) PRO/Wireless Driver Intel(R) Processor Graphics Intel(R) Trusted Execution Engine Intel(R) Trusted Execution Engine Driver Intel(R) Virtual Buttons Intel(R) Wireless Bluetooth(R)(patch version 17.0.1427.2) Intel© PROSet/Wireless Software Intel© PROSet/Wireless WiFi Software iTunes Java 8 Update 65 Java 8 Update 65 (64-bit) Java Auto Updater Lexmark X5400 Series Microsoft Application Error Reporting Microsoft Office 365 - nl-nl Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Movie Maker Mozilla Firefox 42.0 (x86 nl) Mozilla Maintenance Service MSVCRT MSVCRT110 MSVCRT110_amd64 NXP NXPNFCDriver 1.4.7.2 Office 15 Click-to-Run Extensibility Component Office 15 Click-to-Run Licensing Component Office 15 Click-to-Run Localization Component Panda Devices Agent Panda Free Antivirus PDF Architect 3 PDF Architect 3 Create Module PDF Architect 3 Edit Module PDF Architect 3 View Module PDF Writer for Windows 8 PDFCreator pdfFactory Pro PHotkey Photo Common Photo Gallery Popcorn Time Raccolta foto Realtek Card Reader Realtek High Definition Audio Driver Samsung AllShare Skype Click to Call SkypeT 7.7 Smart View 2.0 Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD Windows Live Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack WinRAR 5.21 (32-bit) ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe C:\Program Files (x86)\PDF Architect 3\creator-ws.exe C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe C:\Program Files (x86)\Popcorn Time\Updater.exe C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe C:\Program Files (x86)\PHotkey\PHotkey.exe C:\Program Files (x86)\PHotkey\MsgTranAgt.exe C:\Program Files (x86)\PHotkey\POSD.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Program Files (x86)\PHotkey\GPMTray.exe C:\Program Files (x86)\PHotkey\KeyboardMonitorTool.exe C:\Program Files (x86)\Lexmark X5400 Series\lxdvmon.exe C:\Program Files (x86)\Lexmark X5400 Series\lxdvamon.exe C:\Users\anne\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\anne\Desktop\zoek.exe\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\anne\AppData\Roaming\Mozilla\Firefox\Profiles\rhow4nuq.default user.js not found ---- Lines yahoo removed from prefs.js ---- user_pref("capability.policy.maonoscript.sites", "addons.mozilla.org afx.ms ajax.aspnetcdn.com bootstrapcdn.com cdnjs.cloudflare.com code.jquery.com f ---- FireFox user.js and prefs.js backups ---- prefs_20151611_1941_.backup ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Cisco not found C:\PROGRA~2\Lexmark not found C:\PROGRA~3\SPLDF91.tmp deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\WINDOWS\SysNative\roboot64.exe deleted C:\WINDOWS\WinInit.Ini deleted C:\WINDOWS\Syswow64\REN2314.tmp deleted C:\Users\anne\AppData\Roaming\Mozilla\Firefox\Profiles\rhow4nuq.default\jetpack deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 3987 MB CPU Info: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz CPU Speed: 2185,7 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1536 X 864 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Bluetooth Device (Personal Area Network) | Intel(R) Dual Band Wireless-AC 3160 CD / DVD Drives: No optical drives found. Ports: COM2 LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 56,1GB | D: 405,8GB | E: 60,0GB Hard Disks - Free: C: 1,5GB | D: 240,1GB | E: 43,6GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | | MEDION - 1072009 Time Zone: Romance (standaardtijd) Motherboard *: Medion Akoya S6214T Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Internet Explorer Version: 11.0.10240.16590 Mozilla Firefox version: 42.0 (x86 nl) Adobe Reader version: 15.9.20077.160923 Sun Java version: 1.8.0_65 (32-bit) Sun Java version: 1.8.0_65 (64-bit) Flash Player version: 19.0.0.245 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\Users\anne\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2015-11-10 18:52:51 FD47D5526827398C371D100284664078 2049536 ----a-w- C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2015-11-10 18:52:50 16271541E6C89AC46316DC276DF33C76 2639872 ----a-w- C:\WINDOWS\SysWOW64\esent.dll 2015-11-10 18:52:46 52432E91FF09B6AA8113F241ADEA1E1A 2878512 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll 2015-11-10 18:52:45 2986B2B617DD50857FC614B64E9BE1F9 2647040 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.dll 2015-11-10 18:52:44 18CCB72B537EEE6CB24E8A4A3803475E 18803712 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll 2015-11-10 18:52:38 D794DE423CD7C96DB38917C553665E13 19326464 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2015-11-10 18:52:36 B9573AE51518377CC31D9F3C92839298 441344 ----a-w- C:\WINDOWS\SysWOW64\dlnashext.dll 2015-11-10 18:52:35 EE04BA6667EC970382AEB544F1D89283 1918976 ----a-w- C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-11-10 18:52:34 BBF8ACF14694C6E2DA08CA22E7C544A4 961376 ----a-w- C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-11-10 18:52:34 29975419D8EE4827301777ECE10AF30F 1380864 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 2015-11-10 18:52:33 988FE631BF928BF4FE0A0AB856FAE574 11262976 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2015-11-10 18:52:27 C15E2900919126DCE4C2A927D3D45158 464896 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.dll 2015-11-10 18:52:23 DF3F02FA4AEB7064FAC76D2E31BE4DC4 311296 ----a-w- C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll 2015-11-10 18:52:23 10BD43B952C7A59D31EA976566B624E6 767488 ----a-w- C:\WINDOWS\SysWOW64\kerberos.dll 2015-11-10 18:52:22 99F56FA8CC016E026C38D4CC338B0A15 762888 ----a-w- C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2015-11-10 18:52:21 BDD296468C14755DB20DB5C22C8880B6 650240 ----a-w- C:\WINDOWS\SysWOW64\jscript.dll 2015-11-10 18:52:21 4F5230393F48421846F1EEC44F98148B 539728 ----a-w- C:\WINDOWS\SysWOW64\fontdrvhost.exe 2015-11-10 18:43:06 8E750AE4F0BF98AFE35BDDDA8B70AD4D 5286088 ----a-w- C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2015-11-16 17:43:14 A8060F296B3866050FE1D4D7B09BCD9D 16148 ----a-w- C:\WINDOWS\Sysnative\DRIES-ANNE-1_anne_HistoryPrediction.bin 2015-11-15 10:36:20 E5B44951090ACE53FC7E4C77F52F0B72 321536 ------w- C:\WINDOWS\Sysnative\fppr4-x64.dll 2015-11-15 10:36:20 41C2F3FDF19EDE8115167026284F5B50 281088 ------w- C:\WINDOWS\Sysnative\fppmon4.dll 2015-11-10 18:52:51 CA7800F03BF0281D4D38E1006618E82E 627712 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.dll 2015-11-10 18:52:50 78760751FBCB900F6F68CA1700DAE2DC 2675200 ----a-w- C:\WINDOWS\Sysnative\Windows.StateRepository.dll 2015-11-10 18:52:50 736BB47B4D0F66039E0AB9A7B885D0F0 3248128 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.dll 2015-11-10 18:52:50 43BE4036BC793A48BB0021B0FFF943CF 2180608 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentServer.dll 2015-11-10 18:52:49 B622D84C585A82A42E6C9EEF3320D505 21873664 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll 2015-11-10 18:52:48 57A3E25D7DA89E65953D254A946C5734 1795072 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll 2015-11-10 18:52:47 FF5819053CE86FBDC4D7BFA4536A1ABE 24597504 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2015-11-10 18:52:47 5D1F633C10EC9E00211E6C3D429AC1FB 2987520 ----a-w- C:\WINDOWS\Sysnative\esent.dll 2015-11-10 18:52:46 02EEC53EA6C2382001A5B471F76B827B 3621248 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll 2015-11-10 18:52:37 B1622CB61E1C2166C0DEADBCDA611378 541024 ----a-w- C:\WINDOWS\Sysnative\mcupdate_GenuineIntel.dll 2015-11-10 18:52:36 8F643B386A381879A90946ACB6E7F30D 502272 ----a-w- C:\WINDOWS\Sysnative\dlnashext.dll 2015-11-10 18:52:36 6300722E8527EC54D426FD00EE5196B2 1068032 ----a-w- C:\WINDOWS\Sysnative\audiosrv.dll 2015-11-10 18:52:35 19C4F8570B675E940CFFA9DB25CBDA05 2418688 ----a-w- C:\WINDOWS\Sysnative\MFMediaEngine.dll 2015-11-10 18:52:34 C6BA8ADCD2F2A626E01B20D740C5A9AF 1602560 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2015-11-10 18:52:34 63CCD4D03566A23A26E00A85452B7816 1392480 ----a-w- C:\WINDOWS\Sysnative\LicenseManager.dll 2015-11-10 18:52:33 4452B7B47A0BA77457B5173D6E46776F 1083072 ----a-w- C:\WINDOWS\Sysnative\appraiser.dll 2015-11-10 18:52:33 0D75CBD29B38A8D9361033A6884848AF 25280 ----a-w- C:\WINDOWS\Sysnative\CompatTelRunner.exe 2015-11-10 18:52:29 ADDBAD6945DFB0590B053C3BB4B1C833 8020832 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe 2015-11-10 18:52:28 A7C48B051A9C5D5054916DE5BEBBCA2D 579072 ----a-w- C:\WINDOWS\Sysnative\winlogon.exe 2015-11-10 18:52:27 EBBD7066B59D8D0C22E6F59DD22AB486 76800 ----a-w- C:\WINDOWS\Sysnative\browserbroker.dll 2015-11-10 18:52:27 E650DD63BF9C8F4369C547B72DC81888 333312 ----a-w- C:\WINDOWS\Sysnative\MusUpdateHandlers.dll 2015-11-10 18:52:27 D920A8B070A9BA5C9DEFC3BA7C3883B5 145408 ----a-w- C:\WINDOWS\Sysnative\dssvc.dll 2015-11-10 18:52:27 429E7B01BBEB38EA55464918811D3373 515072 ----a-w- C:\WINDOWS\Sysnative\internetmail.dll 2015-11-10 18:52:27 34E38B59C1AF16BE0531A72326CF144C 3587072 ----a-w- C:\WINDOWS\Sysnative\win32kfull.sys 2015-11-10 18:52:27 19DB66E644058AA880AE20144FA40839 713216 ----a-w- C:\WINDOWS\Sysnative\usermgr.dll 2015-11-10 18:52:26 A09B1B7581BEE8BAC7502A55E71E48EB 12504064 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2015-11-10 18:52:24 DF84555A734BA2BDA55BCCCC47095ADD 1015808 ----a-w- C:\WINDOWS\Sysnative\RDXService.dll 2015-11-10 18:52:24 D33C8E7B495A668F4F9740CC93AF6496 453120 ----a-w- C:\WINDOWS\Sysnative\Windows.Devices.Usb.dll 2015-11-10 18:52:23 378FB144F13D0FB94A5794C3D104AD2C 1383936 ----a-w- C:\WINDOWS\Sysnative\win32kbase.sys 2015-11-10 18:52:22 3CCF1EDBF6EC23174F4700E6DB3FFBDF 966416 ----a-w- C:\WINDOWS\Sysnative\twinapi.appcore.dll 2015-11-10 18:52:22 2417466C4F7DE615EFD9717CB569322F 826880 ----a-w- C:\WINDOWS\Sysnative\jscript.dll 2015-11-10 18:52:21 C56E82DA13F1433C7E8AC8E31529E41E 949760 ----a-w- C:\WINDOWS\Sysnative\kerberos.dll 2015-11-10 18:52:21 74C965E6A46F070196BDBC1CBD7DB8F8 607408 ----a-w- C:\WINDOWS\Sysnative\fontdrvhost.exe ====== C:\WINDOWS\Sysnative\drivers ===== 2015-11-10 18:52:48 A3D96563BF46FC8A0E5756B796127D14 577888 ----a-w- C:\WINDOWS\Sysnative\drivers\afd.sys 2015-11-10 18:52:32 D42AC03ACF9CA67693D1D9BB4D2A0BC8 116064 ----a-w- C:\WINDOWS\Sysnative\drivers\tdx.sys 2015-11-10 18:52:32 91756EE69E63D66F77E3B791D33F7078 459104 ----a-w- C:\WINDOWS\Sysnative\drivers\netio.sys ====== C:\WINDOWS\Tasks ====== 2015-11-11 22:14:53 F68E81C967FABB72122251A0E71F7BAD 382 ----a-w- C:\WINDOWS\Tasks\DriverToolkit Autorun.job 2015-11-11 22:14:53 1EB9DA0FE0620C4C2CF2E84B74C16277 2802 ----a-w- C:\WINDOWS\Sysnative\Tasks\DriverToolkit Autorun ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2015-11-11 22:05:37 -------- d-----w- C:\PROGRA~2\WinRAR 2015-11-11 15:49:56 -------- d-----w- C:\PROGRA~2\DriverToolkit 2015-11-02 18:08:31 -------- d-----w- C:\PROGRA~2\COMMON~1\Java ======= C: ===== ====== C:\Users\anne\AppData\Roaming ====== 2015-11-15 10:36:27 -------- d-----w- C:\Users\anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\pdfFactory Pro 2015-11-11 22:05:48 -------- d-----w- C:\Users\anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ====== C:\Users\anne ====== 2015-11-15 12:53:47 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\anne\Downloads\RSITx64.exe 2015-11-11 22:05:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-11-11 22:05:22 7CC13CDC3CE682596E5B69A3569120E3 2141856 ----a-w- C:\Users\anne\Desktop\wrar521nl.exe 2015-11-11 15:50:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit ====== C: exe-files == 2015-11-15 12:53:47 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\anne\Downloads\RSITx64.exe 2015-11-15 10:36:20 C86D19CE1ACAD38BE6222F7FD8FC3C46 763904 ----a-w- C:\Windows\System32\spool\drivers\x64\3\fppdis4.exe 2015-11-15 10:36:20 A3796FC115ADF70C499A649152A594E0 372224 ----a-w- C:\Windows\System32\spool\drivers\x64\3\fpphelp4.exe 2015-11-15 10:36:20 8FCE8855764FE97D3B89A144F51B7947 644096 ----a-w- C:\Windows\System32\spool\drivers\x64\3\fppinst4.exe 2015-11-12 06:23:29 CECDA2481D60AE425AA6A0A4E9F8C52D 2013184 ----a-w- C:\Users\anne\AppData\Local\Packages\Telenet.Yelo_c5vekn1z7ww04\AC\Microsoft\CLR_v4.0\NativeImages\Yelo\6f98b340118b4644398576c4e73c651a\Yelo.ni.exe 2015-11-11 22:05:39 70704AB7F16E72BC17CDD6D59A1DD719 1408088 ----a-w- C:\Program Files (x86)\WinRAR\WinRAR.exe 2015-11-11 22:05:38 D344343660FBF3A40A94CA8F824C3443 311384 ----a-w- C:\Program Files (x86)\WinRAR\UnRAR.exe 2015-11-11 22:05:38 16976B62C2CA7FDE0C5AD37390A39E98 166488 ----a-w- C:\Program Files (x86)\WinRAR\Uninstall.exe 2015-11-11 22:05:37 BE9DF7AD22B00A151E79622D0F9A62B9 499288 ----a-w- C:\Program Files (x86)\WinRAR\Rar.exe 2015-11-11 22:05:22 7CC13CDC3CE682596E5B69A3569120E3 2141856 ----a-w- C:\Users\anne\Desktop\wrar521nl.exe 2015-11-11 15:49:59 BE3C79033FA8302002D9D3A6752F2263 1050104 ----a-w- C:\Program Files (x86)\DriverToolkit\DPInst64.exe 2015-11-11 15:49:59 AC4B5A0FFE105562F80DC0D4555BC0BF 150328 ----a-w- C:\Program Files (x86)\DriverToolkit\RemoveDT.exe 2015-11-11 15:49:59 64A25F43AC18508CC26A351B7C3F4B1B 170296 ----a-w- C:\Program Files (x86)\DriverToolkit\extract.exe 2015-11-11 15:49:59 30A0AFEE4AEA59772DB6434F1C0511AB 921992 ----a-w- C:\Program Files (x86)\DriverToolkit\DPInst32.exe 2015-11-11 15:49:57 B35BCDC8758F44BB092590D92A8E744C 1304040 ----a-w- C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe 2015-11-11 15:49:56 B1D6153B48E44D135FE52764DFBF9EE5 1209033 ----a-w- C:\Program Files (x86)\DriverToolkit\unins000.exe 2015-11-10 18:52:37 8EAF7D244FCBB1F33DBCD9312E2D97FF 6264688 ----a-w- C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe 2015-11-10 18:52:33 0D75CBD29B38A8D9361033A6884848AF 25280 ----a-w- C:\Windows\System32\CompatTelRunner.exe 2015-11-10 18:52:29 ADDBAD6945DFB0590B053C3BB4B1C833 8020832 ----a-w- C:\Windows\System32\ntoskrnl.exe 2015-11-10 18:52:28 A7C48B051A9C5D5054916DE5BEBBCA2D 579072 ----a-w- C:\Windows\System32\winlogon.exe 2015-11-10 18:52:21 74C965E6A46F070196BDBC1CBD7DB8F8 607408 ----a-w- C:\Windows\System32\fontdrvhost.exe 2015-11-10 18:52:21 4F5230393F48421846F1EEC44F98148B 539728 ----a-w- C:\Windows\SysWOW64\fontdrvhost.exe 2015-11-10 18:43:06 8E750AE4F0BF98AFE35BDDDA8B70AD4D 5286088 ----a-w- C:\Windows\SysWOW64\FlashPlayerInstaller.exe === C: other files == 2015-11-12 15:04:47 092BBF83861D2C80488AB5E34E54E5E0 86 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-300720333-2153760283-3491995548-1001\$IN51OPJ.zip 2015-11-12 06:58:03 7A5B4543212ACC0EF9129AFB0A5EFB6C 132 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-300720333-2153760283-3491995548-1001\$ILKL59L.zip 2015-11-12 06:50:18 A339B770715C51A1A1B1396294447F7D 132 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-300720333-2153760283-3491995548-1001\$I3C44Y2.zip 2015-11-12 06:47:36 DD3460C3ED5744EC41D5B84303D03384 16074512 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-300720333-2153760283-3491995548-1001\$R3C44Y2.zip 2015-11-12 06:47:36 76658AD0D01DA0EA1F68F919029CD1CA 2008180 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-300720333-2153760283-3491995548-1001\$RLKL59L.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-300720333-2153760283-3491995548-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "OneDrive"="C:\Users\anne\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CLMLServer_For_P2G8"="C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" "CLVirtualDrive"="C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe /R" "RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" "YouCam Service"="C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe /s" "PSUAMain"="C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe /LaunchSysTray" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "AllShareAgent"="C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe" "Lexmark X5400 Series"="C:\Program Files (x86)\Lexmark X5400 Series\fm3032.exe /s" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "OneDrive"="C:\Users\anne\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4" "lxdvmon.exe"="C:\Program Files (x86)\Lexmark X5400 Series\lxdvmon.exe" "lxdvamon"="C:\Program Files (x86)\Lexmark X5400 Series\lxdvamon.exe" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10/11/2015 19:43] C:\WINDOWS\tasks\DriverToolkit Autorun.job --a-------- C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe [01/07/2015 13:15] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\DriverToolkit Autorun" [C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{9CDB10DD-2446-4D32-B2E4-CC78C6F73126}" [C:\Windows\system32\msfeedssync.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\anne\AppData\Roaming\Mozilla\Firefox\Profiles\rhow4nuq.default user_pref("browser.startup.homepage", "http://www.google.be/"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "pdf_architect_3_conv@pdfarchitect.org"=hex(2):43,00,3a,00,5c,00,50,00,72,00,\ [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\anne\AppData\Roaming\Mozilla\Firefox\Profiles\rhow4nuq.default - United States English Spellchecker - %ProfilePath%\extensions\en-US@dictionaries.addons.mozilla.org - FT DeepDark - %ProfilePath%\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} - Disconnect - %ProfilePath%\extensions\2.0@disconnect.me.xpi - Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi - Undetermined - %ProfilePath%\extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi - Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\anne\AppData\Roaming\Mozilla\Firefox\Profiles\rhow4nuq.default 18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013 F114FBA6246530B89DD1E04351E0EAC5 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll - Shockwave Flash ==== Chromium Look ====================== ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 HKCU\SearchScopes\{AB94D54B-6ABC-4763-B0A7-E978FE8ECBDF} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\pdf_architect_3_conv@pdfarchitect.org deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit= O2 - BHO: PDF Architect 3 Helper - {06E08260-0695-4EC1-A74B-1310D8899D93} - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll O3 - Toolbar: PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe O4 - HKLM\..\Run: [Lexmark X5400 Series] "C:\Program Files (x86)\Lexmark X5400 Series\fm3032.exe" /s O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [OneDrive] "C:\Users\anne\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-154558-44482-6/4 (file missing) (HKCU) O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-154558-44482-6/4 (file missing) (HKCU) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: CyberLink PowerDVD 10 MS Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe O23 - Service: CyberLink PowerDVD 10 MS Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: lxdvCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\x64\3\\lxdvserv.exe O23 - Service: lxdv_device - - C:\Windows\system32\lxdvcoms.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: Panda Protection Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe O23 - Service: PDF Architect 3 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\ws.exe O23 - Service: PDF Architect 3 CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe O23 - Service: PDF Architect 3 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\creator-ws.exe O23 - Service: PGFNEX Service (PGFNEXSrv) - Unknown owner - C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: Update service - Popcorn Time - C:\Program Files (x86)\Popcorn Time\Updater.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\anne\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\anne\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\anne\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\anne\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\anne\AppData\Local\Mozilla\Firefox\Profiles\rhow4nuq.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=138 folders=39 112456848 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\anne\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 17/11/2015 at 8:32:25,78 ======================