Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by van la Parra on za 30-04-2016 at 8:44:21,73. Microsoft Windows 10 Pro 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\van la Parra\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 30-4-2016 8:49:07 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Users\van la Parra\AppData\Local\ActiveSync deleted successfully C:\Users\van la Parra\AppData\Local\PeerDistRepub deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== 64 Bit HP CIO Components Installer 7-Zip 15.14 (x64 edition) Adblock Plus voor IE (32-bit en 64-bit) Adobe Acrobat Reader DC - Nederlands Adobe AIR Adobe Flash Player 21 NPAPI Adobe Refresh Manager Adobe Shockwave Player 12.2 AIO_CDA_ProductContext AIO_CDA_Software AIO_Scan BufferChm C4100 c4100_Help CCleaner Comodo Dragon Compatibiliteitspakket voor het 2007 Microsoft Office system Copy Destinations DeviceDiscovery DocProc Fax G Data LNK-Checker G DATA TOTAL PROTECTION GoodSync Google Earth Google Photos Backup Google Update Helper GPBaseService2 HP Customer Experience Enhancements HP Customer Participation Program 14.0 HP Imaging Device Functions 14.0 HP Photo Creations HP Photosmart All-In-One Driver Software HP Solution Center 14.0 HP Support Assistant HP Support Solutions Framework HP Update HPDiagnosticAlert HPPhotoGadget HPProductAssistant HPSSupply Intel(R) Graphics Media Accelerator Driver Internet Explorer (Enable DEP) Java 8 Update 77 Java 8 Update 77 (64-bit) Java 8 Update 91 Java 8 Update 91 (64-bit) Java Auto Updater 
Malwarebytes Anti-Malware versie 2.2.1.1043 MarketResearch Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.5.2 (NLD) Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64) Microsoft Office File Validation Add-In Microsoft Office Professional Editie 2003 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Mozilla Firefox 46.0 (x86 nl) Mozilla Maintenance Service MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) NAVIGON Fresh 3.5.1 Network64 OCR Software by I.R.I.S. 14.0 Picasa 3 Pidgin Popcorn Time Rapport Realtek High Definition Audio Driver Samsung Kies Samsung Kies3 Samsung USB Driver for Mobile Phones Shop for HP Supplies SkypeT 7.22 Smart Switch SolutionCenter Status swMSM Toolbox TrayApp Trusteer Eindpuntbeveiliging Unchecky v0.4.3 VLC media player WebReg ==== Running Processes ====================== C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\G DATA\TotalProtection\AVKBackup\AVKBackupService.exe C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKService.exe C:\WINDOWS\SysWOW64\svchost.exe C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe C:\Program Files (x86)\Hp\Digital 
Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\G DATA\TotalProtection\AVKTray\AVKTray.exe C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFirewallTray.exe C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\van la Parra\Downloads\zoek.exe C:\Program Files (x86)\G DATA\TotalProtection\TSNxG\TSNxGService.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 3319 MB CPU Info: Intel(R) Pentium(R) Dual CPU E2160 @ 1.80GHz CPU Speed: 1850,8 MHz Sound Card: Luidsprekers (Realtek High Defi | Display Adapters: Intel(R) 946GZ Express Chipset Family (Microsoft Corporation - WDDM 1.1) Monitors: 1x; SyncMaster 2443NW/2443NWX | Screen Resolution: 1920 X 1200 - 32 bit Network: Network Present Network Adapters: Intel(R) PRO/100 VE Network Connection CD / DVD Drives: 1x (E: | ) E: TSSTcorpCD/DVDW TS-H653L Ports: COM1 | COM2 LPT1 Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 260,1GB | D: 205,1GB Hard Disks - Free: C: 157,2GB | D: 201,1GB Manufacturer *: Phoenix Technologies, LTD BIOS Info: AT/AT COMPATIBLE | 05/25/07 | HPQOEM - 42302e31 Time Zone: West-Europa (standaardtijd) Motherboard *: MSI 0A90 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Default Browser: Internet Explorer 11.00.10586.0 (th2_release.151029-1700) Internet Explorer Version: 11.212.10586.0 Mozilla Firefox version: 46.0 (x86 nl) Adobe Reader version: 15.10.20056.167417 Sun Java version: 1.8.0_91 (32-bit) Sun Java version: 1.8.0_91 (64-bit) Flash Player version: 21.0.0.213 Shockwave Player version: 12.2.4r194 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\Users\VANLAP~1\AppData\Local\Temp ==== ====== Java Cache 
=====
==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-3654615766-1524511065-2618837555-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 
"SpybotPostWindows10UpgradeReInstall"="C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "G Data ASM"="C:\Program Files (x86)\G Data\TotalProtection\DelayLoader\AutorunDelayLoader.exe /autostart" "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SpybotPostWindows10UpgradeReInstall"="C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Monitor"="C:\WINDOWS\PixArt\PAC207\Monitor.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\DragonUpdater] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\KSS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MBAMService] ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [08-04-2016 17:43] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-08-2015 17:57] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-08-2015 17:57] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3654615766-1524511065-2618837555-1000Core.job --a-------- C:\CC:\Users\van la Parra\AppData\Local\Google\Update\GoogleUpdate.exe [] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3654615766-1524511065-2618837555-1000UA.job --a-------- C:\Users\van la 
Parra\AppData\Local\Google\Update\GoogleUpdate.exe [28-08-2015 08:30] C:\WINDOWS\tasks\HP Photo Creations Communicator.job --a-------- C:\Users\van la Parra\AppData\Roaming\HP Photo Creations\Communicator.exe [19-08-2011 11:11] C:\WINDOWS\tasks\HPCeeScheduleForvan la Parra.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [16-06-2015 09:51] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\WINDOWS\SysNative\tasks\CreateExplorerShellUnelevatedTask" [C:\WINDOWS\explorer.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3654615766-1524511065-2618837555-1000Core" [C:\Users\van la Parra\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3654615766-1524511065-2618837555-1000UA" [C:\Users\van la Parra\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\HP Photo Creations Communicator" [C:\Users\van la Parra\AppData\Roaming\HP Photo Creations\Communicator.exe] "C:\WINDOWS\SysNative\tasks\HPCeeScheduleForvan la Parra" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\WINDOWS\SysNative\tasks\Patch My PC" [C:\Users\van la Parra\Desktop\PatchMyPC.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{A677905A-95B0-4987-8910-C67E15EE9D58}" [C:\WINDOWS\system32\msfeedssync.exe] 
"C:\WINDOWS\SysNative\tasks\{4B88419E-3885-461F-B1FA-A524B8055955}" [C:\Users\van la Parra\Downloads\IE11-Windows6.1-x64-nl-nl.exe] "C:\WINDOWS\SysNative\tasks\{6E328748-C718-494C-BCED-F954F01918B9}" ["c:\windows\system32\launchwinapp.exe"] "C:\WINDOWS\SysNative\tasks\{F3894ECA-7C98-42AD-9171-C76F6F5A5522}" [C:\Users\van la Parra\Downloads\IE11-Windows6.1-x64-nl-nl.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] ==== Firefox Extensions ====================== ProfilePath: C:\Users\VANLAP~1\AppData\Roaming\Mozilla\Firefox\Profiles\d84ozzgd.default-1449068176930 - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Undetermined - 
%AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================
Profilepath: C:\Users\van la Parra\AppData\Roaming\Mozilla\Firefox\Profiles\d84ozzgd.default-1449068176930
8CE35D76726DFC8C3848BB26B3C79A54 - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
57C7E359ED8D049132EED23EFA444C63 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll - Shockwave Flash
AF8A94BCB98C299C49B28CC12EBC0ED2 - C:\Users\van la Parra\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll - Google Update
77B6DD23DCA19A217D5A4C4CAF962895 - C:\Users\van la Parra\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer

==== Chromium Look ======================
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
bbjllphbppobebmjpjcijfbakobcheof - No path found[]

Comodo Drag&Drop Service - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo
Rapport - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof
Comodo Web Inspector - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn
selector is not a valid CSS selector - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Comodo Media Downloader - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dihmnpngfonlhjmgkflpnibiaaliendo
Google Analytics Opt-out Add-on by Google - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh
IBA Opt-out (by Google) - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb
Google Analytics Debugger - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jnkmfdileelhofjcijamephohjechhna
Comodo Dragon Browser Light Theme - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kglppafajjeikfgmjjegogphhkjnnmgc
Ad Sanitizer - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mbklemiimcpdblemkogjenikmcfhpnib
Comodo Share Page Service - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf
Chrome Web Store Payments - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Fixer for Java - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ocoiokalhgfiblapcgelblmeakhidmle
Bitdefender QuickScan - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie
Rapport - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof
selector is not a valid CSS selector - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Analytics Opt-out Add-on by Google - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh
IBA Opt-out (by Google) - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb
Google Analytics Debugger - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnkmfdileelhofjcijamephohjechhna
Chrome Web Store Payments - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Fixer for Java - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocoiokalhgfiblapcgelblmeakhidmle
Bitdefender QuickScan - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP"

==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"=""
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"=""
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04

==== HijackThis Entries ======================
F2 - REG:system.ini: UserInit=
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKLM\..\Run: [G Data ASM] "C:\Program Files (x86)\G Data\TotalProtection\DelayLoader\AutorunDelayLoader.exe" /autostart
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: G DATA ANTIVIRUS Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
O23 - Service: G DATA Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKService.exe
O23 - Service: G DATA Bestandssysteemmonitor (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKWCtlx64.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: G DATA Backup Service (GDBackupSvc) - G Data Software AG - C:\Program Files (x86)\G DATA\TotalProtection\AVKBackup\AVKBackupService.exe
O23 - Service: G DATA Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFwSvcx64.exe
O23 - Service: G DATA Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
O23 - Service: G DATA Tuner-service (GDTunerSvc) - G Data Software AG - C:\Program Files (x86)\G DATA\TotalProtection\AVKTuner\AVKTunerService.exe
O23 - Service: GoodSync Server (GsServer) - Unknown owner - C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: G DATA Datasafeservice (TSNxGService) - G DATA Software - C:\Program Files (x86)\G DATA\TotalProtection\TSNxG\TSNxGService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Unchecky - RaMMicHaeL - C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\van la Parra\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\van la Parra\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\van la Parra\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\van la Parra\AppData\Local\Microsoft\Windows\INetCache\IE\GDQFCF1A will be deleted at reboot
C:\Users\van la Parra\AppData\Local\Microsoft\Windows\INetCache\IE\QZZ3P8JO will be deleted at reboot
C:\Users\van la Parra\AppData\Local\Microsoft\Windows\INetCache\IE\UQV305JQ will be deleted at reboot

==== Empty FireFox Cache ======================
No FireFox Cache found

==== Empty Chrome Cache ======================
C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully
C:\Users\van la Parra\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
No Flash Cache Found

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=0 folders=0 0 bytes)

==== Empty Temp Folders ======================
C:\Users\van la Parra\AppData\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\VANLAP~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\Users\van la Parra\AppData\Local\Microsoft\Windows\INetCache\IE\GDQFCF1A" not found
"C:\Users\van la Parra\AppData\Local\Microsoft\Windows\INetCache\IE\QZZ3P8JO" not found
"C:\Users\van la Parra\AppData\Local\Microsoft\Windows\INetCache\IE\UQV305JQ" not found

==== EOF on za 30-04-2016 at 10:22:05,87 ======================