Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Gebruiker on zo 29-05-2016 at 10:16:58,83. Microsoft Windows 10 Pro 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Gebruiker\Downloads\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 29-5-2016 10:20:47 Zoek.exe System Restore Point Created Successfully. ==== Torpig Check ====================== HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll ==== Reset Hosts File ====================== # Copyright (c) 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host 127.0.0.1 localhost ==== Empty Folders Check ====================== C:\PROGRA~2\AGEIA Technologies deleted successfully C:\Program Files\gs deleted successfully C:\Program Files\log deleted successfully C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\Users\Gebruiker\AppData\Local\ActiveSync deleted successfully C:\Users\Gebruiker\AppData\Local\calibre-cache deleted successfully C:\Users\Gebruiker\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\Gebruiker\AppData\Local\EmieSiteList deleted successfully C:\Users\Gebruiker\AppData\Local\EmieUserList deleted successfully C:\Users\Gebruiker\AppData\Local\NetworkTiles deleted successfully C:\Users\Gebruiker\AppData\Local\PeerDistRepub deleted successfully C:\Users\Gebruiker\AppData\Local\Skype deleted successfully C:\Users\Gebruiker\AppData\Local\Spoon deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\PopTrayU\PopTrayU.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe C:\Users\Gebruiker\Downloads\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Services(whitelist) ====================== Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url] R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe R2 - [c2cautoupdatesvc] - Skype Click to Call Updater - c:\program files (x86)\skype\toolbars\autoupdate\skypec2cautoupdatesvc.exe R2 - [c2cpnrsvc] - Skype Click to Call PNR Service - c:\program files (x86)\skype\toolbars\pnrsvc\skypec2cpnrsvc.exe R2 - [ClickToRunSvc] - Klik-en-klaar-service van Microsoft Office - c:\program files\common files\microsoft shared\clicktorun\officeclicktorun.exe R2 - [EvtEng] - Intel(R) PROSet/Wireless Event Log - c:\program files\intel\wifi\bin\evteng.exe R2 - [GfExperienceService] - NVIDIA GeForce Experience Service - c:\program files\nvidia corporation\geforce experience service\gfexperienceservice.exe R2 - [hpsrv] - HP Service - c:\windows\system32\hpservice.exe R2 - [HPSupportSolutionsFrameworkService] - HP Support Solutions Framework Service - c:\program files (x86)\hewlett-packard\hp support solutions\hpsupportsolutionsframeworkservice.exe R2 - [iBtSiva] - Intel Bluetooth Service - c:\program files (x86)\intel\bluetooth\ibtsiva.exe R2 - [igfxCUIService2.0.0.0] - Intel(R) HD Graphics Control Panel Service - c:\windows\system32\igfxcuiservice.exe R2 - [MBAMScheduler] - MBAMScheduler - c:\program files (x86)\malwarebytes anti-malware\mbamscheduler.exe R2 - [NvNetworkService] - NVIDIA Network Service - c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe R2 - [NvStreamSvc] - NVIDIA Streamer Service - c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe R2 - [nvsvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe R2 - [RegSrvc] - Intel(R) PROSet/Wireless Registry Service - c:\program files\common files\intel\wirelesscommon\regsrvc.exe R2 - [STacSV] - Audio Service - c:\program files\idt\wdm\stacsv64.exe R2 - [SynTPEnhService] - SynTPEnh Caller Service - c:\program files\synaptics\syntp\syntpenhservice.exe R2 - [valWBFPolicyService] - Synaptics FP WBF Policy Service - c:\windows\system32\valwbfpolicyservice.exe R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe R2 - [ZeroConfigService] - Intel(R) PROSet/Wireless Zero Configuration Service - c:\program files\intel\wifi\bin\zeroconfigservice.exe R3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe S2 - [BstHdAndroidSvc] - BlueStacks Android Service - c:\program files (x86)\bluestacks\hd-service.exe S2 - [BstHdLogRotatorSvc] - BlueStacks Log Rotator Service - c:\program files (x86)\bluestacks\hd-logrotatorservice.exe S2 - [BstHdUpdaterSvc] - BlueStacks Updater Service - c:\program files (x86)\bluestacks\hd-updaterservice.exe S2 - [gupdate] - Google Update-service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe S2 - [MBAMService] - MBAMService - c:\program files (x86)\malwarebytes anti-malware\mbamservice.exe S2 - [Service KMSELDI] - Service KMSELDI - c:\program files\kmspico\service_kms.exe S2 - [SkypeUpdate] - Skype Updater - c:\program files (x86)\skype\updater\updater.exe S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe S3 - [cphs] - Intel(R) Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe S3 - [diagnosticshub.standardcollector.service] - Microsoft(R) Diagnostics Hub Standard Collector-service - c:\windows\system32\diagsvcs\diagnosticshub.standardcollector.service.exe S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe S3 - [gupdatem] - Google Update-service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe S3 - [MyWiFiDHCPDNS] - Wireless PAN DHCP Server - c:\program files\intel\wifi\bin\pandhcpdns.exe S3 - [ose64] - Office 64 Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe S3 - [SensorDataService] - Sensor Data Service - c:\windows\system32\sensordataservice.exe S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe S3 - [TieringEngineService] - Storage Tiers Management - c:\windows\system32\tieringengineservice.exe S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe S3 - [WdNisSvc] - Windows Defender Network Inspection Service - c:\program files\windows defender\nissrv.exe S3 - [WinDefend] - Windows Defender Service - c:\program files\windows defender\msmpeng.exe S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe S3 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\AGEIA Technologies not found C:\PROGRA~2\rSpark deleted C:\Users\Gebruiker\AppData\Roaming\calibre deleted C:\PROGRA~2\GreenTree Applications deleted C:\PROGRA~3\YTD Video Downloader deleted C:\PROGRA~3\Package Cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader deleted C:\WINDOWS\SysNative\roboot64.exe deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\GPT.INI deleted C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted C:\Users\Public\Desktop\YTD Video Downloader.lnk deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 8125 MB CPU Info: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz CPU Speed: 2444,1 MHz Sound Card: Luidsprekers / HP (IDT High Def | Display Adapters: Intel(R) HD Graphics 4600 | Intel(R) HD Graphics 4600 | Intel(R) HD Graphics 4600 Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Realtek PCIe GBE Family Controller | Intel(R) Wireless-N 7260 | Microsoft Wi-Fi Direct Virtual Adapter CD / DVD Drives: 1x (E: | ) E: hp CDDVDW SU-208FB Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 459,7GB | D: 20,1GB | F: 450,1GB Hard Disks - Free: C: 381,2GB | D: 2,0GB | F: 408,4GB Manufacturer *: Insyde BIOS Info: AT/AT COMPATIBLE | | HPQOEM - 1 Time Zone: West-Europa (standaardtijd) Motherboard *: Hewlett-Packard 1966 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Default Browser: Google Chrome 50.0.2661.102 Internet Explorer Version: 11.306.10586.0 Google Chrome version: 50.0.2661.102 Adobe Reader version: 15.16.20039.185268 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2016-05-11 04:27:19 2617877C5761B8A696FD0368861EE6E4 4515256 ----a-w- C:\WINDOWS\explorer.exe ====== C:\Users\GEBRUI~1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== ====== C:\WINDOWS\Sysnative\drivers ===== 2016-05-11 04:27:16 48D8729FACC784900B831212AE56F824 1996640 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys 2016-05-11 04:26:58 01C01ED15ED56B98088CE1D5A0965E6A 577368 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms2.sys 2016-05-11 04:26:52 A289FE26F5D8B5121D84DDEE6241CC26 954368 ----a-w- C:\WINDOWS\Sysnative\drivers\bthport.sys 2016-05-11 04:26:50 E7463CE8579A0418A98BE9BE42C647D7 534872 ----a-w- C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS 2016-05-11 04:26:46 B880BE37452AB1D4AA93845F58EF7960 95072 ----a-w- C:\WINDOWS\Sysnative\drivers\sdport.sys 2016-05-11 04:26:46 357910142E9285B978689B1DB4EFA00A 393568 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys 2016-05-11 04:26:45 CFFE69B6C276A3418687109EA8AC9E7D 330072 ----a-w- C:\WINDOWS\Sysnative\drivers\pci.sys 2016-05-11 04:26:38 C330883C06E2D4CE4F6982F048265D37 335712 ----a-w- C:\WINDOWS\Sysnative\drivers\fastfat.sys 2016-05-11 04:26:37 50DFE05C698E9B0A63D95E3D669A105C 638816 ----a-w- C:\WINDOWS\Sysnative\drivers\fvevol.sys 2016-05-11 04:26:36 C0752D58193603B6ED762B4027C65E1B 155136 ----a-w- C:\WINDOWS\Sysnative\drivers\hidclass.sys 2016-05-11 04:26:36 82D3B1F4D80057826AA649D78147DE36 63488 ----a-w- C:\WINDOWS\Sysnative\drivers\UcmCx.sys 2016-05-11 04:26:36 2A87EA182EA333D79AA0B03833EA67F2 131424 ----a-w- C:\WINDOWS\Sysnative\drivers\ufxsynopsys.sys 2016-05-11 04:26:35 8F2523C9D8F1448FF2156452AF60FA00 87552 ----a-w- C:\WINDOWS\Sysnative\drivers\filecrypt.sys 2016-05-11 04:26:35 67B9684B8272D5EBD1CCBB1DBD425EC8 99680 ----a-w- C:\WINDOWS\Sysnative\drivers\pdc.sys 2016-05-11 04:26:33 4AAD6547953D373A1EB5B2DF583D868B 67072 ----a-w- C:\WINDOWS\Sysnative\drivers\usbser.sys 2016-05-11 04:26:26 281439D412441B2A39B63D20EE3E5D88 84992 ----a-w- C:\WINDOWS\Sysnative\drivers\BTHUSB.SYS ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-05-28 14:16:49 -------- d-----w- C:\Program Files\trend micro 2016-05-28 07:13:57 -------- d---a-w- C:\Program Files\Common Files\DESIGNER ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Gebruiker\AppData\Roaming ====== ====== C:\Users\Gebruiker ====== 2016-05-28 14:16:31 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gebruiker\Desktop\RSITx64.exe 2016-05-28 14:16:03 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gebruiker\Downloads\RSITx64.exe ====== C: exe-files == 2016-05-28 14:16:49 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Gebruiker.exe 2016-05-28 14:16:31 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gebruiker\Desktop\RSITx64.exe 2016-05-28 14:16:03 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gebruiker\Downloads\RSITx64.exe 2016-05-27 10:54:04 4E95AB8BEB2C8FD53B348EF4AD5121C5 149184 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\D5660461-98A6-4ACC-AED3-CEA47010E9C0\DismHost.exe 2016-05-27 09:37:08 68E799C8707A8713198F8DC992E2A10B 634784 ----a-w- C:\Users\Gebruiker\AppData\Local\NVIDIA\NvBackend\Packages\00008b0d\CoProc update.20792964.exe 2016-05-27 09:37:08 47E40E6DA068328DED8518CE77715E9D 8080368 ----a-w- C:\Users\Gebruiker\AppData\Local\NVIDIA\NvBackend\Packages\00008b16\DAO.20794581.exe 2016-05-26 15:15:46 30936B35355510F4E60E498F177AEABA 835512 ----a-w- C:\Users\Gebruiker\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe 2016-05-26 15:15:42 6C56F2E47C9608601B888DC1CCB7086C 403896 ----a-w- C:\Users\Gebruiker\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe 2016-05-25 08:31:20 8E1CC0517DE17DF83CF80BFCE9F0C000 1687680 ----a-w- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe 2016-05-25 08:30:36 C8D931D734FC0097478CE2583A75C4DF 1364096 ----a-w- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe 2016-05-23 20:02:38 89CAC0480C8105BB1F585C3B5E125434 9040072 ----a-w- C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe 2016-05-23 20:02:38 89CAC0480C8105BB1F585C3B5E125434 9040072 ----a-w- C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\OneDriveSetup.exe 2016-05-23 20:02:28 B18567F84F296ADB03E3C3F023C7422D 176840 ----a-w- C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe 2016-05-23 20:02:21 EBEC2BE509FBB6D922D2F04E4CE40946 493256 ----a-w- C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\OneDriveStandaloneUpdater.exe 2016-05-23 20:02:21 9D8F8170A6432030DAA3CF1864E16DC4 178888 ----a-w- C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncConfig.exe 2016-05-23 09:42:27 4E95AB8BEB2C8FD53B348EF4AD5121C5 149184 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\1B13C9E3-0BC7-4CA6-8D48-388EE31732A6\DismHost.exe === C: other files == 2016-05-29 08:08:46 DE0983FE4B830699312D35A990B3AE1B 1945 ----a-r- C:\Users\Gebruiker\AppData\Local\Temp\_MEI97882\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx 2016-05-29 08:08:46 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-r- C:\Users\Gebruiker\AppData\Local\Temp\_MEI97882\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx 2016-05-25 08:31:28 60DF4A4D028540DF26D2F627E0401BB5 99184 ----a-w- C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx 2016-05-23 20:02:24 8CF4163521FDB8E53482003C7EFA7121 5850 ----a-w- C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\CollectOneDriveLogs.bat 2016-05-23 10:41:26 9B74226E10CD57E965F87014841016F9 214832 ----a-w- C:\Windows\LastGood.Tmp\system32\DRIVERS\ssudmdm.sys 2016-05-23 10:40:19 85137571AEC8AC757D497B9DD30D544D 122160 ----a-w- C:\Windows\LastGood.Tmp\system32\DRIVERS\ssudbus.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-3677895764-3196587806-2114488980-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "HP OfficeJet 4650 series (NET)"="C:\Program Files\HP\HP OfficeJet 4650 series\Bin\ScanToPCActivationApp.exe -deviceID TH57L1910B0662:NW -scfn HP OfficeJet 4650 series (NET) -AutoStart 1" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" [HKEY_USERS\S-1-5-21-3677895764-3196587806-2114488980-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64" "Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64" "Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" "Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" "Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "HP OfficeJet 4650 series (NET)"="C:\Program Files\HP\HP OfficeJet 4650 series\Bin\ScanToPCActivationApp.exe -deviceID TH57L1910B0662:NW -scfn HP OfficeJet 4650 series (NET) -AutoStart 1" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64" "Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64" "Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" "Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" "Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvBackend"="C:\Program Files (x86)\jv16 PowerTools X\StartupOptimizer.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "Classic Start Menu"="C:\Program Files\Classic Shell\ClassicStartMenu.exe -autorun" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner64.exe] "command"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR" "item"="CCleaner64.exe" "hkey"="HKCU" "key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HD-Agent.exe] "command"="C:\\Program Files (x86)\\jv16 PowerTools X\\StartupOptimizer.exe C:\\Program Files (x86)\\BlueStacks\\HD-Agent.exe" "item"="HD-Agent.exe" "hkey"="HKLM" "key"="SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ReaderAppHelper.exe] "command"="C:\\Program Files (x86)\\Sony\\ReaderDesktop\\appHelper\\ReaderAppHelper.exe" "item"="ReaderAppHelper.exe" "hkey"="HKLM" "key"="SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\sttray64.exe] "command"="C:\\Program Files\\IDT\\WDM\\sttray64.exe" "item"="sttray64.exe" "hkey"="HKLM" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" ==== Startup Folders ====================== 2015-01-16 10:07:39 1686 --sha-w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\LastFlashConfig.wfc ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d061737f641058.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18-03-2015 14:03] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d093f7b844a269.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18-03-2015 14:03] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\AutoPico Daily Restart" ["C:\Program Files\KMSpico\AutoPico.exe"] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore1d061737f641058" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore1d093f7b844a269" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{F665AFEC-02F5-43ED-928D-CD08F57C9244}" [C:\Windows\system32\msfeedssync.exe] ==== Folders in C:\PROGRA~3 0-6 Months Old ====================== 2015-12-04 03:05:02 -------- d-----w- C:\PROGRA~3\Validity 2015-12-04 03:05:19 -------- d-----w- C:\PROGRA~3\NVIDIA Corporation 2015-12-04 03:05:51 -------- d-----w- C:\PROGRA~3\NVIDIA 2015-12-04 03:47:00 -------- d-sh--we C:\PROGRA~3\Application Data 2015-12-23 15:31:57 -------- d-----w- C:\PROGRA~3\Samsung 2016-01-06 17:35:04 -------- d-----w- C:\PROGRA~3\Intel.sav 2016-01-06 17:40:30 -------- d-----w- C:\PROGRA~3\Intel 2016-02-16 15:14:05 -------- d---a-w- C:\PROGRA~3\HP 2016-03-18 14:45:02 -------- d-----w- C:\PROGRA~3\Malwarebytes 2016-04-05 14:12:04 -------- d-----w- C:\PROGRA~3\Synaptics ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [] ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[25-05-2016 10:31] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[] Google Slides - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Docs Offline - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Linkclump - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfpjkncokllnfokkgpkobnkbkmelfefj Skype - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Drive App Launcher - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh Chrome Web Store Payments - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.krantenkoppen.be/" "Search Page"="http://www.google.nl" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.krantenkoppen.be/" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{C6FE69ED-2298-42DE-904F-836F1437816A}" HKCU\SearchScopes\GOOGLE_SEARCH - http://www.google.nl/search?hl=nl&q={searchTerms}&meta= HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 HKCU\SearchScopes\{C6FE69ED-2298-42DE-904F-836F1437816A} - http://www.google.be/search?hl=nl&q={searchTerms} HKCU\SearchScopes\{E9DB9E7B-A275-41D1-8158-D0423FBEBDEB} - http://www.google.com/cse?cx=partner-pub-3540673482024757:xbhdw8hkfz5&cof=&q={searchTerms} ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== HijackThis Entries ====================== O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll O4 - HKCU\..\Run: [OneDrive] "C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [HP OfficeJet 4650 series (NET)] "C:\Program Files\HP\HP OfficeJet 4650 series\Bin\ScanToPCActivationApp.exe" -deviceID "TH57L1910B0662:NW" -scfn "HP OfficeJet 4650 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O4 - Startup: PopTrayU.lnk = C:\Program Files (x86)\PopTrayU\PopTrayU.exe O4 - Startup: Sidebar268.lnk = C:\Program Files\Windows Sidebar\sidebar.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @oem45.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing) O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe O23 - Service: Intel Bluetooth Service (iBtSiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: Service KMSELDI - @ByELDI - C:\Program Files\KMSpico\Service_KMS.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @oem23.inf,%WBFService_SvcDesc%;Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\WINDOWS\system32\valWBFPolicyService.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=94 folders=33 42703553 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on zo 29-05-2016 at 10:39:45,86 ======================