Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Hilaire on ma 29/02/2016 at 16:09:17,46. Microsoft Windows 10 Home 10.0.10240 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Hilaire\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 29/02/2016 16:12:54 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Program Files\log deleted successfully C:\PROGRA~3\AVG Web TuneUp deleted successfully C:\PROGRA~3\Comms deleted successfully C:\Users\Hilaire\AppData\Local\AVG Web TuneUp deleted successfully C:\Users\Hilaire\AppData\Local\NetworkTiles deleted successfully C:\Users\Hilaire\AppData\Local\PackageStaging deleted successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3514900110-1255315834-3301955316-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-3514900110-1255315834-3301955316-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Adobe Acrobat Reader DC - Nederlands Adobe Flash Player 20 PPAPI Adobe Refresh Manager Adobe Shockwave Player 12.1 Aldfaer All Family Games Avast SecureLine Belgium e-ID middleware 4.1.10 (build 1698) Bonjour CCleaner Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module CyberLink PhotoDirector CyberLink Power Media Player 14 CyberLink PowerDirector 12 CyberLink YouCam D3DX10 DisableMSDefender Dropbox 25 GB Energy Star Epson Easy Photo Print 2 Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) EPSON Scan EPSON SX218 Series Handboek EPSON SX218 Series Printer Uninstall Evernote v. 5.8.6 Ghostery HP Customer Experience Enhancements HP Deskjet 1510 series Basissoftware van het apparaat HP Deskjet 1510 series Help HP Documentation HP ePrint Windows Driver HP Photo Creations HP Recovery Manager HP Registration Service HP Support Assistant HP Support Solutions Framework HP System Event Utility HP Update HP Welcome HP Wireless Button Driver Intel(R) Chipset Device Software Intel(R) Dynamic Platform and Thermal Framework Intel(R) Processor Graphics Intel(R) Trusted Execution Engine Intel(R) Trusted Execution Engine Driver Intel© Security Assist Junk Mail filter update Kyodai Mahjongg 2006 v1.42 Malwarebytes Anti-Malware versie 2.2.0.1024 Microsoft Application Error Reporting Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Movie Maker Mozilla Firefox 44.0 (x86 nl) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 OpenOffice 4.1.2 Opera Mail 1.0 Opera Stable 34.0.2036.41 Panda Devices Agent Panda Free Antivirus Photo Common Photo Gallery REALTEK Bluetooth Driver Realtek Card Reader Realtek Ethernet Controller Driver Realtek High Definition Audio Driver REALTEK Wireless LAN Driver Recuva Revo Uninstaller 1.95 SkypeT 7.17 Software voor Intel© Chipset-apparaten Stuurprogrammapakket voor Windows - Fedict SmartCard (08/08/2015 4.1.5) swMSM Synaptics Pointing Device Driver Tweaking.com - Windows Repair Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources ZoneAlarm Firewall ZoneAlarm Free Firewall ZoneAlarm Security ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe c:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HPRegistrationService.exe C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.5\ToolbarUpdater.exe C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe C:\Users\Hilaire\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe C:\Users\Hilaire\Downloads\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater40.2.5 deleted successfully ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\AVG not found C:\$AVG not found "C:\windows\SysNative\DRIVERS\avgidsha.sys" not found "C:\windows\SysNative\DRIVERS\avgloga.sys" not found "C:\windows\SysNative\DRIVERS\avgmfx64.sys" not found "C:\windows\SysNative\DRIVERS\avgrkx64.sys" not found "C:\windows\SysNative\DRIVERS\avguniva.sys" not found "C:\windows\SysNative\DRIVERS\avgdiska.sys" not found "C:\windows\SysNative\DRIVERS\avgidsdrivera.sys" not found "C:\windows\SysNative\DRIVERS\avgldx64.sys" not found "C:\windows\SysNative\DRIVERS\avgwfpa.sys" not found "C:\windows\SysNative\DRIVERS\avgboota.sys" not found C:\ProgramData\AVAST Software deleted C:\Users\Hilaire\AppData\Roaming\AVAST Software deleted C:\Program Files (x86)\Common Files\AVG Secure Search deleted C:\ProgramData\AVG Security Toolbar deleted C:\ProgramData\Avg deleted C:\Users\Hilaire\AppData\Roaming\AVG deleted C:\Program Files\AVG Web TuneUp deleted C:\PROGRA~2\pandasecuritytb deleted C:\Users\Hilaire\Music\Qtrax Media Library deleted C:\PROGRA~3\Kingsoft deleted C:\PROGRA~3\AVG Secure Search deleted C:\PROGRA~3\{C6FA530F-BB98-4D9F-BA00-45FD0698077C} deleted C:\PROGRA~3\Package Cache deleted C:\Users\Hilaire\AppData\Local\BTServer.log deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\windows\SysNative\Tasks\Avast SecureLine deleted C:\windows\SysNative\Tasks\avast! SL Update deleted C:\Users\Hilaire\AppData\LocalLow\pandasecuritytb deleted C:\Users\Hilaire\AppData\Roaming\Mozilla\Firefox\Profiles\n2g1j2ww.default\extensions\firefox@ghostery.com.xpi deleted C:\Users\Hilaire\AppData\Roaming\Mozilla\Firefox\Profiles\n2g1j2ww.default\jetpack deleted C:\Users\Hilaire\AppData\Roaming\Mozilla\Firefox\Profiles\n2g1j2ww.default\pandasecuritytb deleted "C:\Program Files\AVAST Software\SecureLine\aswcmnbs.dll" deleted "C:\Program Files\AVAST Software\SecureLine\aswcmnis.dll" deleted "C:\Program Files\AVAST Software\SecureLine\aswcmnos.dll" deleted "C:\Program Files\AVAST Software\SecureLine\aswproperty.dll" deleted "C:\Program Files\AVAST Software\SecureLine\avastip.dll" deleted "C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe" deleted "C:\Program Files\AVAST Software" not deleted "C:\Program Files\AVAST Software\SecureLine" not deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 8035 MB CPU Info: Intel(R) Celeron(R) CPU N3050 @ 1.60GHz CPU Speed: 1617,9 MHz Sound Card: luidspreker/Hoofdtelefoon (Real | Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | Intel(R) HD Graphics Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Realtek PCIe FE Family Controller | Bluetooth Device (Personal Area Network) | Realtek RTL8723BE 802.11 bgn Wi-Fi Adapter CD / DVD Drives: 1x (E: | ) E: hp DVDRW SU208GB Ports: COM1 LPT Port NOT Present. Mouse: 12 Button Wheel Mouse Present Hard Disks: C: 448,4GB | D: 16,2GB | F: 698,6GB Hard Disks - Free: C: 391,5GB | D: 1,9GB | F: 643,5GB Manufacturer *: Insyde BIOS Info: AT/AT COMPATIBLE | | HPQOEM - 3 Time Zone: Romance (standaardtijd) Motherboard *: HP 80C5 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Internet Explorer Version: 11.0.10240.16683 Mozilla Firefox version: 44.0 (x86 nl) Opera Browser version: 34.0.2036.41 Adobe Reader version: 15.10.20056.167417 Shockwave Player version: 12.1.7r157 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2016-02-28 09:03:59 CA2A8AF1DBAD0F31F9B33A2827DFBC16 207 ----a-w- C:\WINDOWS\tweaking.com-regbackup-DESKTOP-8LD8VJ2-Windows-10-Home-(64-bit).dat ====== C:\Users\Hilaire\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2016-02-29 09:14:01 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\WINDOWS\SysWOW64\config.nt 2016-02-28 16:15:02 6E64487FA9D1C12B9F4B7CC026AB35E4 1811360 ----a-w- C:\WINDOWS\SysWOW64\combase.dll 2016-02-28 16:14:57 FB9F2F9B5A54B55513BD631C347E5539 5156352 ----a-w- C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-02-28 16:14:51 FA240A6CA214E45D32589C12F6BDD198 9889280 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll 2016-02-28 16:14:50 13909B042F9108BDB579EDD047E30BDC 100352 ----a-w- C:\WINDOWS\SysWOW64\hlink.dll 2016-02-28 16:14:49 E8268D6315EDF8AE7D962BDA4385C2E4 11263488 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2016-02-28 16:14:48 655845C5F595DF0B978B397DC98C23C4 1531368 ----a-w- C:\WINDOWS\SysWOW64\KernelBase.dll 2016-02-28 16:14:47 9F6A8D14CD6FD0AFA80857EF2C3B9793 1180696 ----a-w- C:\WINDOWS\SysWOW64\msctf.dll 2016-02-28 16:14:45 6F2A9DBCB9295C7AD7C7CCF832E68C5F 3580416 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll 2016-02-28 16:14:42 62773199218A030BFD31FC8967956F8C 2316800 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll 2016-02-28 16:14:41 B8E38AE9C00193295EE7331DE9C40C98 162304 ----a-w- C:\WINDOWS\SysWOW64\msorcl32.dll 2016-02-28 16:14:41 78C5657DEE058300494BCC7DF7494171 809336 ----a-w- C:\WINDOWS\SysWOW64\WinTypes.dll 2016-02-28 16:14:40 C204D78728669D166035B33DDC198BF3 19324928 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2016-02-28 16:14:37 A9B86710997E59E5474288C304F7A09D 18802176 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll 2016-02-28 16:14:34 608BFE4138C129C8C889642875C9CC8C 5457408 ----a-w- C:\WINDOWS\SysWOW64\Chakra.dll 2016-02-28 16:14:34 233A638C899D0894DECA3264F1055608 768000 ----a-w- C:\WINDOWS\SysWOW64\kerberos.dll 2016-02-28 16:14:33 FEB5ECF1846398328CEE17D9637D4B43 123392 ----a-w- C:\WINDOWS\SysWOW64\rasman.dll 2016-02-28 16:14:33 A322E7E192B8B0EBCFC966F738658F59 1535032 ----a-w- C:\WINDOWS\SysWOW64\ntdll.dll 2016-02-28 16:14:31 9B90B988D38860415441623BE38C919E 118272 ----a-w- C:\WINDOWS\SysWOW64\mtxoci.dll 2016-02-28 16:14:30 B72147A118DE90254FE5623BE0D8B547 1380864 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 2016-02-28 16:14:30 3BAD13EE0D5C042FB94D18D582B2876C 678400 ----a-w- C:\WINDOWS\SysWOW64\wuapi.dll 2016-02-28 16:14:27 12E6F604E01E7FD9924FFE06633F329B 29696 ----a-w- C:\WINDOWS\SysWOW64\ztrace_maps.dll 2016-02-28 16:14:24 BDD9E4DD40FEF5DDCC19DAF2DDFD0B55 574464 ----a-w- C:\WINDOWS\SysWOW64\Chakradiag.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2016-02-29 14:59:41 48309CB8FDFFA19167F3E29656A96CA1 16148 ----a-w- C:\WINDOWS\Sysnative\DESKTOP-8LD8VJ2_Hilaire_HistoryPrediction.bin 2016-02-28 16:15:02 D952D556E91D9632E78D86486A852480 2601160 ----a-w- C:\WINDOWS\Sysnative\combase.dll 2016-02-28 16:15:01 C946AEE8429FF768B83370B8622228FD 24593920 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2016-02-28 16:14:59 35F8ACECDEB73AFDD735024D487B9733 21873152 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll 2016-02-28 16:14:58 05194EC3EE2C52C8FB56934DF04342FD 6787072 ----a-w- C:\WINDOWS\Sysnative\Windows.Data.Pdf.dll 2016-02-28 16:14:56 2430B1820D4E03796F672E3D47B88E64 3793408 ----a-w- C:\WINDOWS\Sysnative\rdpcorets.dll 2016-02-28 16:14:55 E6AAA1D03A335E9FD0DAC571D34A11B2 11557888 ----a-w- C:\WINDOWS\Sysnative\twinui.dll 2016-02-28 16:14:54 702F35D9C55C2542167D095E5E04DA4C 109056 ----a-w- C:\WINDOWS\Sysnative\hlink.dll 2016-02-28 16:14:53 D8B483512EE10CFF928B48DD170EED20 12504576 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2016-02-28 16:14:50 C434FCF543A695C61473B89C0AA0E266 1951872 ----a-w- C:\WINDOWS\Sysnative\KernelBase.dll 2016-02-28 16:14:47 759D0783E28D36F5F1940D8B034F4116 1420392 ----a-w- C:\WINDOWS\Sysnative\msctf.dll 2016-02-28 16:14:46 E8CDFD9848A322710381BDD02318391F 4791808 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll 2016-02-28 16:14:44 D877CE1C83D65C7B56A43A23279578DD 1248896 ----a-w- C:\WINDOWS\Sysnative\WinTypes.dll 2016-02-28 16:14:44 9AD8FCCC95B68BC3129AA2318CE55717 680448 ----a-w- C:\WINDOWS\Sysnative\rasmans.dll 2016-02-28 16:14:44 2FE47060B982C6581625B8F7B5C348DA 2237952 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll 2016-02-28 16:14:43 71EF55BA035CD459D8230501D067D2F8 2849792 ----a-w- C:\WINDOWS\Sysnative\wininet.dll 2016-02-28 16:14:42 9B5AD01707BCB13C0210F23783EB52DF 7525376 ----a-w- C:\WINDOWS\Sysnative\Chakra.dll 2016-02-28 16:14:38 51751637A4D2E4FE7D78D09200F783F4 3588096 ----a-w- C:\WINDOWS\Sysnative\win32kfull.sys 2016-02-28 16:14:35 B3DF06FB336015D10F8465CC1A757588 237056 ----a-w- C:\WINDOWS\Sysnative\NetworkDesktopSettings.dll 2016-02-28 16:14:35 4755CB0DFC71A5E7BED76F06AF4FB043 1824880 ----a-w- C:\WINDOWS\Sysnative\ntdll.dll 2016-02-28 16:14:32 DA61908DEEA93778F734F7CACD56D374 784384 ----a-w- C:\WINDOWS\Sysnative\wuapi.dll 2016-02-28 16:14:32 A7BDBC49FF5872021DF41DA9A41E21E9 1602560 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2016-02-28 16:14:32 1AA2F04762F406D278F01C987FAB64A1 141312 ----a-w- C:\WINDOWS\Sysnative\rasman.dll 2016-02-28 16:14:31 F656227BF2A48E6AE961D4F3CA72D6B4 950272 ----a-w- C:\WINDOWS\Sysnative\kerberos.dll 2016-02-28 16:14:31 82C3C86BC2C549DBC2EB9D9F25A927FA 147456 ----a-w- C:\WINDOWS\Sysnative\mtxoci.dll 2016-02-28 16:14:29 732E6047741D56DEB021EBC5874F5730 79360 ----a-w- C:\WINDOWS\Sysnative\rdpudd.dll 2016-02-28 16:14:29 5629C5C03B4AC4F775107871B81BD566 291840 ----a-w- C:\WINDOWS\Sysnative\microsoft-windows-system-events.dll 2016-02-28 16:14:28 961550B1BA8C3920992BDE9D4FCEE10F 366592 ----a-w- C:\WINDOWS\Sysnative\wuuhext.dll 2016-02-28 16:14:27 03995D643D7F17888FAB5D481EB61BE9 34816 ----a-w- C:\WINDOWS\Sysnative\ztrace_maps.dll 2016-02-28 16:14:26 52BF5D90F5A412B35AAD7F78F1AAD6E9 33280 ----a-w- C:\WINDOWS\Sysnative\wups2.dll 2016-02-28 16:14:25 EC0CC3AAD8D75D9A7A7FD890606662B8 771072 ----a-w- C:\WINDOWS\Sysnative\Chakradiag.dll 2016-02-28 16:14:25 796F2E05D1500D7005064AE84F0AE329 47616 ----a-w- C:\WINDOWS\Sysnative\wups.dll 2016-02-28 16:14:24 A117F0406DAA8ABDEF0E393E084DDA3E 88064 ----a-w- C:\WINDOWS\Sysnative\ngckeyenum.dll 2016-02-28 11:03:05 6FB144600FAE112D455DC5792091B42A 301728 ------w- C:\WINDOWS\Sysnative\MpSigStub.exe ====== C:\WINDOWS\Sysnative\drivers ===== 2016-02-28 16:14:32 8E3F4C3A8EA2E787E6089618675501D0 143872 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxdav.sys 2016-02-27 17:53:24 2D5DC68D64757C1F4147E655F33B73DA 431382 ----a-w- C:\WINDOWS\Sysnative\drivers\vsconfig.xml 2016-02-26 17:49:23 F803473CD0E5D36D02EB58109F1294CD 62080 ----a-w- C:\WINDOWS\Sysnative\drivers\PSKMAD.sys 2016-02-26 17:47:37 AA0BA747EC0431EB104BB2FF6440DD66 173488 ----a-w- C:\WINDOWS\Sysnative\drivers\PSINAflt.sys 2016-02-26 17:47:37 65A7D90A0C1E8B972CB0C99A4C8DB6B1 146352 ----a-w- C:\WINDOWS\Sysnative\drivers\PSINProt.sys 2016-02-26 17:47:36 868F4F576974830118E1DDBF129511E2 117168 ----a-w- C:\WINDOWS\Sysnative\drivers\PSINReg.sys 2016-02-26 17:47:25 D8B1D430406F95B761D67C4AD1914D8F 133552 ----a-w- C:\WINDOWS\Sysnative\drivers\PSINProc.sys 2016-02-26 17:47:24 EA50EC24E63CB1011AB6D47A80804478 129456 ----a-w- C:\WINDOWS\Sysnative\drivers\PSINFile.sys 2016-02-26 17:47:24 C62E122E2D40C403CA1C7D2382319C1E 207280 ----a-w- C:\WINDOWS\Sysnative\drivers\PSINKNC.sys 2016-02-13 01:46:22 190FE0CE4D43AD8EED97AAA68827E2C6 461792 ----a-w- C:\WINDOWS\Sysnative\drivers\vsdatant.sys 2016-02-09 09:39:13 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys 2016-02-09 09:38:39 CFBC6C6D8A492697CABD1D353EE64933 25816 ----a-w- C:\WINDOWS\Sysnative\drivers\mbam.sys 2016-02-09 09:38:39 42B3F5C9FBC9B3F0E0BA6B5D7FC8E849 109272 ----a-w- C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys 2016-02-09 09:38:39 08DECFCB9BA97786165A69AB1015BC30 64216 ----a-w- C:\WINDOWS\Sysnative\drivers\mwac.sys 2016-02-09 09:25:15 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf ====== C:\WINDOWS\Tasks ====== 2016-02-28 10:17:41 44075A91E504C635B344FA16B8DE9B0B 3660 ----a-w- C:\WINDOWS\Sysnative\Tasks\CreateExplorerShellUnelevatedTask 2016-02-28 09:02:41 29F99B7F6EAAB8767AD1EE6B8CEF7954 3786 ----a-w- C:\WINDOWS\Sysnative\Tasks\Tweaking.com - Windows Repair Tray Icon 2016-02-27 10:03:13 3E93F9190E6F52E069247F7F9F98C874 4280 ----a-w- C:\WINDOWS\Sysnative\Tasks\avast! Emergency Update ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-02-27 18:07:50 -------- d-----w- C:\Program Files\Common Files\AV 2016-02-24 17:09:09 -------- d-----w- C:\Program Files\trend micro 2016-02-09 16:20:50 -------- d-----w- C:\Program Files\Recuva ======= C:\PROGRA~2 ===== 2016-02-28 10:00:42 -------- d--h--w- C:\PROGRA~2\Uninstall Information 2016-02-28 08:58:02 -------- d-----w- C:\PROGRA~2\Tweaking.com 2016-02-27 17:45:37 -------- d-----w- C:\PROGRA~2\CheckPoint 2016-02-25 16:12:23 -------- d-----w- C:\PROGRA~2\KeePass Password Safe 2016-02-25 15:10:16 -------- d-----w- C:\PROGRA~2\ESET 2016-02-24 09:39:27 -------- d-----w- C:\PROGRA~2\Google 2016-02-18 11:23:52 -------- d-----w- C:\PROGRA~2\HP 2016-02-11 18:05:37 -------- d-----w- C:\PROGRA~2\Microsoft SQL Server Compact Edition ======= C: ===== ====== C:\Users\Hilaire\AppData\Roaming ====== 2016-02-29 15:35:09 -------- d-----w- C:\Users\Hilaire\AppData\Local\NetworkTiles 2016-02-28 12:56:37 8AF124A660754CDCFC0CE1B90EBAF043 806344 ----a-w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat 2016-02-28 09:02:39 -------- d-----w- C:\Users\Hilaire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com\Windows Repair (All in One) 2016-02-28 09:02:39 -------- d-----w- C:\Users\Hilaire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com 2016-02-24 16:50:19 -------- d-----w- C:\Users\Hilaire\AppData\Local\ElevatedDiagnostics 2016-02-24 09:39:27 -------- d-----w- C:\Users\Hilaire\AppData\Local\Google 2016-02-18 11:44:16 -------- d-----w- C:\Users\Hilaire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP\HP Photo Creations 2016-02-18 11:44:16 -------- d-----w- C:\Users\Hilaire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP 2016-02-18 11:20:55 -------- d-----w- C:\Users\Hilaire\AppData\Local\HP 2016-02-17 08:48:32 -------- d-----w- C:\Users\Default\AppData\Local\AVG 2016-02-17 08:48:32 -------- d-----w- C:\Users\Default User\AppData\Local\AVG ====== C:\Users\Hilaire ====== 2016-02-29 09:12:51 63899C50DA73EAEFD59BE850E51ED38D 329088 ----a-w- C:\Users\Hilaire\Downloads\aswclear.exe 2016-02-27 18:53:04 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp 2016-02-27 17:53:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point 2016-02-27 17:45:19 -------- d-----w- C:\ProgramData\CheckPoint 2016-02-26 17:48:39 -------- d-----w- C:\ProgramData\panda_url_filtering 2016-02-26 17:46:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus 2016-02-18 11:25:44 -------- d-----w- C:\ProgramData\Visan 2016-02-18 11:25:14 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2016-02-18 11:22:06 B68E18B11BEEA5D95FE8D9C889CC4B9C 57 ----a-w- C:\ProgramData\Ament.ini 2016-02-18 11:16:50 -------- d-----w- C:\ProgramData\HP ====== C: exe-files == 2016-02-29 09:12:51 63899C50DA73EAEFD59BE850E51ED38D 329088 ----a-w- C:\Users\Hilaire\Downloads\aswclear.exe 2016-02-29 02:36:25 9FA5F238220E48F0E26A1E03C737066D 173760 ----a-w- C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\setupplatform.exe 2016-02-29 02:36:25 76CC107DDFB84B1F1337E148C771721D 279232 ----a-w- C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\mighost.exe 2016-02-29 02:19:22 81583B60CB20A7FE43E1F75B4201CC34 535968 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\47e6c7bf-6ba8-4431-b81b-7e676ad9357a\IntelWiDiUMS64.exe 2016-02-29 02:19:22 19D63B21F33FB676849A5E34D932C528 3539000 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\47e6c7bf-6ba8-4431-b81b-7e676ad9357a\IntelWiDiVAD64.exe 2016-02-29 02:19:21 B9E23E5A9D00CE85C5926E6C33F5E3A2 621472 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\47e6c7bf-6ba8-4431-b81b-7e676ad9357a\IntelCpHDCPSvc.exe 2016-02-29 02:19:21 6495F9D2562B0CCD1A919BE360BFB586 1015712 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\47e6c7bf-6ba8-4431-b81b-7e676ad9357a\igxpun.exe 2016-02-29 02:19:21 3A19FD28BF891CB67FD89A94BEC88C3F 402344 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\47e6c7bf-6ba8-4431-b81b-7e676ad9357a\igfxTray.exe 2016-02-29 02:19:21 137BC921135ECDA3E9917B56E3550D32 300968 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\47e6c7bf-6ba8-4431-b81b-7e676ad9357a\IntelCpHeciSvc.exe 2016-02-29 02:19:20 D61AEC9A148F08A82487938E4EA5DADC 354216 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\47e6c7bf-6ba8-4431-b81b-7e676ad9357a\igfxEM.exe 2016-02-29 02:19:20 D17636A2E6CEF689E05998449ABF0387 268704 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\47e6c7bf-6ba8-4431-b81b-7e676ad9357a\igfxHK.exe 2016-02-29 02:19:20 9C956B7195BBD73C74E02EE1EE4C504C 1026464 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\47e6c7bf-6ba8-4431-b81b-7e676ad9357a\igfxSDK.exe 2016-02-29 02:19:20 8895233A0B2E715A3843665BBB2AD398 236456 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\47e6c7bf-6ba8-4431-b81b-7e676ad9357a\igfxext.exe 2016-02-29 02:19:20 078DE1A9D9DB0BB617D4DCF1EF925928 373160 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\47e6c7bf-6ba8-4431-b81b-7e676ad9357a\igfxCUIService.exe 2016-02-29 02:19:06 A0917455AF57869C8030AB9406CE74DD 958880 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\47e6c7bf-6ba8-4431-b81b-7e676ad9357a\Gfxv2_0.exe 2016-02-29 02:19:06 3D75B1F7559E02F1ABEA6B0D60582FBA 962464 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\47e6c7bf-6ba8-4431-b81b-7e676ad9357a\Gfxv4_0.exe 2016-02-29 02:19:05 99D6C7014D2D29F2C41C8BCD4BBDAA36 231336 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\47e6c7bf-6ba8-4431-b81b-7e676ad9357a\DPTopologyAppv2_0.exe 2016-02-29 02:19:05 7C336C41841A3F0CB718FD870F71B2B4 231848 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\47e6c7bf-6ba8-4431-b81b-7e676ad9357a\DPTopologyApp.exe 2016-02-29 02:19:05 4FCAD721FB902251AF41E321FEBC1F80 174504 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\47e6c7bf-6ba8-4431-b81b-7e676ad9357a\difx64.exe 2016-02-29 02:19:05 2BFBD09F1C38EC98D03EFE48A45CE30E 466344 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\47e6c7bf-6ba8-4431-b81b-7e676ad9357a\GfxUIEx.exe 2016-02-28 16:14:25 4CD2ABDD6D4297405487BD569DBD25A0 2142208 ----a-w- C:\Program Files\Windows Journal\Journal.exe 2016-02-28 08:58:02 9BDCF813D65265255B820BC7A704DA3C 1388544 ----a-w- C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\uninstall.exe 2016-02-28 08:57:25 9BDCF813D65265255B820BC7A704DA3C 1388544 ----a-w- C:\Users\Hilaire\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe 2016-02-27 18:07:50 DCAA53B59F4A296E7DADA9A5FFDC3C9B 3998952 ----a-w- C:\Program Files\Common Files\AV\ZoneAlarm Free Firewall Antivirus\upgrade.exe 2016-02-27 17:45:19 71B8E082C64CDE2455EA2A094F3FCC04 65088 ----a-w- C:\Program Files (x86)\CheckPoint\Install\vsdrinst64.exe 2016-02-27 17:45:18 5B122B903F4517D5489504A4C3642CE4 66112 ----a-w- C:\Program Files (x86)\CheckPoint\Install\vsdrinst.exe 2016-02-27 17:45:17 F04AB7C0BCECC09E11DB7BDD9BE5B8AC 50432 ----a-w- C:\Program Files (x86)\CheckPoint\Install\IntegrityCheck.exe 2016-02-27 17:45:17 B2BA2B9047C250B41CB606DBA6ECC1B0 746824 ----a-w- C:\Program Files (x86)\CheckPoint\Install\Uninst.exe 2016-02-27 17:45:17 B0B1F71E26459CF70164457C116AE032 439096 ----a-w- C:\Program Files (x86)\CheckPoint\Install\Launcher.exe 2016-02-27 17:45:17 9F3E7FC5DAE15C7BE433EB61CE8A7172 2915128 ----a-w- C:\Program Files (x86)\CheckPoint\Install\Install.exe 2016-02-27 17:45:17 674CE74F6511382F534D6AA2B4B37B75 62568 ----a-w- C:\Program Files (x86)\CheckPoint\Install\handlecmsg.exe 2016-02-27 17:45:16 B55245CEDEDB97492AE6DCBBA68D0F81 18040 ----a-w- C:\Program Files (x86)\CheckPoint\Install\Clean_tool64.exe 2016-02-27 17:45:16 B358697CC505A0996747CAF3B0C57807 16504 ----a-w- C:\Program Files (x86)\CheckPoint\Install\Clean_tool.exe 2016-02-27 09:14:47 F0B5FAE0268D84B1CE6EA3B98D4D69EB 331464 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe 2016-02-27 09:14:46 E78517BD20C282FBCA150D2B3ACCC760 2870984 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe 2016-02-27 09:14:46 B23901621E5BD2EF1AAC3E6E6CB9E7FF 422600 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe 2016-02-27 09:14:46 4B0F506ACF0A8AE6D6B3E4CF6778B722 122568 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe 2016-02-27 09:14:46 21B9AB1916917F9476B767F605345E62 532168 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe === C: other files == 2016-02-29 02:19:14 65E73EF0D3BFEE31A71E1653651D774D 7328168 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\47e6c7bf-6ba8-4431-b81b-7e676ad9357a\igdkmd64lp.sys 2016-02-29 02:19:14 34E103A5EFF7EADA5ADE6D61294FAA7F 7858088 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\47e6c7bf-6ba8-4431-b81b-7e676ad9357a\igdkmd64.sys 2016-02-29 02:19:00 F9CBA964C9AEA40ADD0108268E0194EC 624424 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\f443adc2-7c5d-490a-8157-76b5a6424373\RtkBtfilter.sys 2016-02-29 02:19:00 67AC9F7B3E1A9C8BDB76C1761EA2E20C 4629744 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\6628523d-daa0-4662-8619-0c930c2fa081\rtwlane.sys 2016-02-29 02:18:59 C7EC2E30EA72D94FB1C19DDE62550ED7 114976 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\88bf7720-0f12-4c21-9723-f9553c08784e\TXEIx64.sys 2016-02-28 16:14:38 51751637A4D2E4FE7D78D09200F783F4 3588096 ----a-w- C:\Windows\System32\win32kfull.sys 2016-02-28 16:14:32 8E3F4C3A8EA2E787E6089618675501D0 143872 ----a-w- C:\Windows\System32\drivers\mrxdav.sys 2016-02-26 17:49:23 F803473CD0E5D36D02EB58109F1294CD 62080 ----a-w- C:\Windows\System32\drivers\PSKMAD.sys 2016-02-26 17:48:40 E4D444FAE0175BE2786B5A178F5A6CC0 181 ----a-w- C:\ProgramData\panda_url_filtering\white.zip 2016-02-26 17:47:37 AA0BA747EC0431EB104BB2FF6440DD66 173488 -c--a-w- C:\Windows\System32\DRVSTORE\PSINAflt_E7E640259B97C5B460233DB11F626733FFD123AA\PSINAflt.sys 2016-02-26 17:47:37 AA0BA747EC0431EB104BB2FF6440DD66 173488 ----a-w- C:\Windows\System32\drivers\PSINAflt.sys 2016-02-26 17:47:37 65A7D90A0C1E8B972CB0C99A4C8DB6B1 146352 -c--a-w- C:\Windows\System32\DRVSTORE\PSINProt_93806A536B2BE2612121BE3E72C44D4A682A12FA\PSINProt.sys 2016-02-26 17:47:37 65A7D90A0C1E8B972CB0C99A4C8DB6B1 146352 ----a-w- C:\Windows\System32\drivers\PSINProt.sys 2016-02-26 17:47:36 868F4F576974830118E1DDBF129511E2 117168 -c--a-w- C:\Windows\System32\DRVSTORE\PSINReg_C8D45695AEFE7D1A3DBD003F3F3CCAA1C1D92E46\PSINReg.sys 2016-02-26 17:47:36 868F4F576974830118E1DDBF129511E2 117168 ----a-w- C:\Windows\System32\drivers\PSINReg.sys 2016-02-26 17:47:25 D8B1D430406F95B761D67C4AD1914D8F 133552 -c--a-w- C:\Windows\System32\DRVSTORE\PSINProc_89D4BCB26E728A39985C5773D2D4652877A2DC68\PSINProc.sys 2016-02-26 17:47:25 D8B1D430406F95B761D67C4AD1914D8F 133552 ----a-w- C:\Windows\System32\drivers\PSINProc.sys 2016-02-26 17:47:24 EA50EC24E63CB1011AB6D47A80804478 129456 -c--a-w- C:\Windows\System32\DRVSTORE\PSINFile_9099732A843E678E5E00379731AC8036CB1FE545\PSINFile.sys 2016-02-26 17:47:24 EA50EC24E63CB1011AB6D47A80804478 129456 ----a-w- C:\Windows\System32\drivers\PSINFile.sys 2016-02-26 17:47:24 C62E122E2D40C403CA1C7D2382319C1E 207280 -c--a-w- C:\Windows\System32\DRVSTORE\PSINKnc_4D8021F88C4479C8D198FAB698274C07099AE947\PSINKNC.sys 2016-02-26 17:47:24 C62E122E2D40C403CA1C7D2382319C1E 207280 ----a-w- C:\Windows\System32\drivers\PSINKNC.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "ZoneAlarm Windows 10 Upgrader"="C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe /delay" [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-3514900110-1255315834-3301955316-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\Hilaire\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "ZoneAlarm Windows 10 Upgrader"="C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe /delay" [HKEY_USERS\S-1-5-21-3514900110-1255315834-3301955316-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Hilaire\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Hilaire\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPMessageService"="C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe" "isa"="C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe" "PowerDVD14Agent"="C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "PSUAMain"="C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe /LaunchSysTray" "ZoneAlarm"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\Hilaire\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Hilaire\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Hilaire\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BtServer"="C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe [10/02/2016 18:16] C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10/02/2016 18:16] C:\WINDOWS\tasks\HPCeeScheduleForHilaire.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [16/06/2015 09:51] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\Adobe Flash Player PPAPI Notifier" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe] "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\AVGPCTuneUp_Task_BkGndMaintenance" [C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\CreateExplorerShellUnelevatedTask" [C:\WINDOWS\explorer.exe] "C:\WINDOWS\SysNative\tasks\DropboxOEM" ["%ProgramFiles(x86)%\Dropbox\DropboxOEM\DropboxOEM.exe"] "C:\WINDOWS\SysNative\tasks\HPCeeScheduleForHilaire" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\WINDOWS\SysNative\tasks\Opera scheduled Autoupdate 1451215070" [C:\Program Files (x86)\Opera\launcher.exe] "C:\WINDOWS\SysNative\tasks\Tweaking.com - Windows Repair Tray Icon" [C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{1B7E5B5F-CF77-4BA8-8183-7102E23D66B7}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\YCMServiceAgent" [C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)" ["C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe"] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\First Boot" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Hilaire\AppData\Roaming\Mozilla\Firefox\Profiles\n2g1j2ww.default - Panda Security Toolbar - %ProfilePath%\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Hilaire\AppData\Roaming\Mozilla\Firefox\Profiles\n2g1j2ww.default B5CFBB8AC7C0069D80DBEAA72F3CE9E2 - C:\windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll - Shockwave for Director / Shockwave for Director 0216FCE16072CCFD7A060603CD730CB5 - C:\Users\Hilaire\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[] Google Docs - Hilaire\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Hilaire\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Hilaire\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Hilaire\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Docs Offline - Hilaire\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Chrome Web Store Payments - Hilaire\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Hilaire\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://mysearch.avg.com/?cid={14AA3ABB-2191-463C-9D02-95D8FA9B8C8A}&mid=6a3708419edc47ccb85d99ab02c9bf7d-35909c0902e458a32101d551dec0389621fc8795&lang=en&ds=AVG&coid=avgtbavg&cmpid=0116tb&pr=fr&d=2015-12-22 18:13:36&v=4.2.4.155&pid=wtu&sg=&sap=hp" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{95B7759C-8C7F-4BF1-B163-73684A933233}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3514900110-1255315834-3301955316-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\wrc@avast.com deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\wrc@avast.com deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Ghostery Plugin - {6BF739DD-3323-4C6A-975B-C7E00A50B154} - C:\Program Files (x86)\Ghostery\bin\ghostery.dll O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe O4 - HKLM\..\Run: [isa] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe O4 - HKLM\..\Run: [PowerDVD14Agent] "C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe" O4 - HKCU\..\Run: [OneDrive] "C:\Users\Hilaire\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Hilaire\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Hilaire\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64" O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [ZoneAlarm Windows 10 Upgrader] "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [ZoneAlarm Windows 10 Upgrader] "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay (User 'Default user') O4 - Startup: Inktwaarschuwingen controleren - HP Deskjet 1510 series.lnk = ? O8 - Extra context menu item: Afbeelding knippen - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 O8 - Extra context menu item: Kopieer selectie - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 O8 - Extra context menu item: Kopieer URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 O8 - Extra context menu item: Nieuwe notitie - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html O8 - Extra context menu item: Pagina opemen - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @oem23.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\WINDOWS\SysWOW64\esif_uf.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Registration Service (HPRegistrationSvc) - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HPRegistrationService.exe O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe O23 - Service: Intel(R) Security Assist - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: Panda Protection Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe O23 - Service: panda_url_filtering Service (panda_url_filtering) - Visicom Media Inc. - C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Avast SecureLine (SecureLine) - Unknown owner - C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hilaire\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Hilaire\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Hilaire\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully C:\Users\Hilaire\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=682 folders=121 182659480 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Hilaire\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files\AVAST Software" not found ==== EOF on ma 29/02/2016 at 16:58:32,91 ======================