Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Alexander on 08/06/2016 at 17:01:22,36.
Microsoft Windows 10 Pro 10.0.10586 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Alexander\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

08/06/2016 17:01:50 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\Alexander\AppData\Local\ActiveSync deleted successfully
C:\Users\Alexander\AppData\Local\NetworkTiles deleted successfully
C:\Users\Alexander\AppData\Local\PackageStaging deleted successfully
C:\Users\Alexander\AppData\Local\PeerDistRepub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

µTorrent
AirDroid 3.3.1.1
BlueStacks App Player
Chrome Remote Desktop Host
Google Chrome
Google Update Helper
Microsoft Access MUI (English) 2013
Microsoft Access Setup Metadata MUI (English) 2013
Microsoft DCF MUI (English) 2013
Microsoft Excel MUI (English) 2013
Microsoft Groove MUI (English) 2013
Microsoft InfoPath MUI (English) 2013
Microsoft Lync MUI (English) 2013
Microsoft Mathematics Add-In for Word and OneNote
Microsoft Office 365 ProPlus - en-us
Microsoft Office 365 ProPlus - nl-nl
Microsoft Office Language Pack 2013 - English
Microsoft Office O MUI (English) 2013
Microsoft Office OSM MUI (English) 2013
Microsoft Office OSM UX MUI (English) 2013
Microsoft Office Proofing (English) 2013
Microsoft Office Proofing Tools 2013 - English
Microsoft Office Proofing Tools 2013 - Español
Microsoft Office Shared 64-bit MUI (English) 2013
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2013
Microsoft Office Shared MUI (English) 2013
Microsoft Office Shared Setup Metadata MUI (English) 2013
Microsoft OneNote MUI (English) 2013
Microsoft Outlook MUI (English) 2013
Microsoft PowerPoint MUI (English) 2013
Microsoft Publisher MUI (English) 2013
Microsoft SharePoint Designer MUI (English) 2013
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Microsoft Word MUI (English) 2013
Microsoft X MUI (English) 2013
Office 16 Click-to-Run Extensibility Component
Office 16 Click-to-Run Licensing Component
Office 16 Click-to-Run Localization Component
Outils de vérification linguistique 2013 de Microsoft Office - Français
TouchMe Engine
VLC media player

==== Running Processes ======================

C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
C:\Users\Alexander\AppData\Roaming\AppsolutelyApps\TouchMe\TouchMe.exe
C:\Program Files (x86)\Microsoft Office\Root\Office16\WINWORD.EXE
C:\Users\Alexander\Downloads\zoek.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\Users\Alexander\.android deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 8098 MB
CPU Info: Intel(R) Core(TM) i5-4300U CPU @ 1.90GHz
CPU Speed: 2532,0 MHz
Sound Card: Speakers (Realtek High Definiti |
Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | Intel(R) HD Graphics Family
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1234 X 823 - 32 bit
Network: Network Present
Network Adapters: Marvell AVASTAR Wireless-AC Network Controller | Microsoft Wi-Fi Direct Virtual Adapter
CD / DVD Drives: No optical drives found.
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C: 232,3GB
Hard Disks - Free: C: 172,0GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | | OEMC - 300
Time Zone: Romance Standard Time
Motherboard *: Microsoft Corporation Surface Pro 3
Country: United Kingdom
Language: ENG

==== System Specs (Software) ======================

Internet Explorer Version: 11.306.10586.0
Google Chrome version: 51.0.2704.84

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-158757701-3555279983-633594269-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"BlueStacks Agent"="C:\Program Files (x86)\BlueStacks\HD-Agent.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"BlueStacks Agent"="C:\Program Files (x86)\BlueStacks\HD-Agent.exe"

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22/05/2016 10:03]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22/05/2016 10:03]

==== Other Scheduled Tasks
======================

"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{F9957E1F-09B9-4C2D-9CA6-41BF3C6039BD}" [C:\windows\system32\msfeedssync.exe]

==== Chromium Look ======================

Google Slides - Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Drive - Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
selector is not a valid CSS selector - Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Create edit and share Excel spreadsheets. Work with others on shared projects in real-time. - Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciniambnphakdoflgeamacamhfllbkmo
Google Sheets - Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Kotnet Login - Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdmhfbpjgldhcjpndjohjoiailndlog
This information is used only for diagnosing the problem you are reporting is available only to someone investigating your report and is retained for no more than 30 days. - Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp
Google Docs Offline - Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
AdBlock - Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Inbox by Gmail - Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkljgfmjocfalijkgoogmfffkhmkbgol
Evernote Web - Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol
Pocket - Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk
Chrome Web Store Payments - Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Alexander\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Send to OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O4 - Startup: TouchMe Engine.lnk = Alexander\AppData\Roaming\AppsolutelyApps\TouchMe\TouchMe.exe
O4 - Startup: Verzenden naar OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Plus Android Service (BstHdPlusAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: Chrome Remote Desktop Service (chromoting) - Unknown owner - C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Alexander\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Alexander\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Alexander\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Alexander\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=14 folders=16 14044157 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\ALEXAN~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 08/06/2016 at 17:15:10,65 ======================