Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by wendy_000 on vr 01/07/2016 at 13:47:39,82. Microsoft Windows 10 Home 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\wendy_000\Downloads\zoek (3).exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2016-06-30-095904.log 6551 bytes ==== Empty Folders Check ====================== C:\Users\UpdatusUser\AppData\LocalLow deleted successfully C:\Users\wendy_000\AppData\Local\ActiveSync deleted successfully C:\Users\wendy_000\AppData\Local\NetworkTiles deleted successfully C:\Users\wendy_000\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe C:\Users\wendy_000\AppData\Local\FluxSoftware\Flux\flux.exe C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files (x86)\BlueStacks\HD-Agent.exe C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe C:\Program Files (x86)\AVG\Framework\Common\avguix.exe C:\Users\wendy_000\AppData\Local\MalwareProtectionLive\MalwareProtectionClient.exe C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Users\wendy_000\Downloads\zoek (3).exe C:\WINDOWS\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Zoom"=- ==== Deleting Files \ Folders ====================== C:\Program Files\McAfee not found C:\ProgramData\AVG Security Toolbar not found "C:\Windows\Installer\8dbc3.msi" not found ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 8116 MB CPU Info: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz CPU Speed: 2595,9 MHz Sound Card: Luidsprekers (Realtek High Defi | Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | Intel(R) HD Graphics Family Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Intel(R) Dual Band Wireless-AC 7260 | Microsoft Wi-Fi Direct Virtual Adapter | Microsoft Hosted Network Virtual Adapter | Realtek PCIe GBE Family Controller | Intel(R) Technology Access TAP Driver (NDIS 6.30) CD / DVD Drives: 1x (D: | ) D: MATSHITADVD-RAM UJ8E2Q Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 914,5GB Hard Disks - Free: C: 756,0GB Manufacturer *: Insyde Corp. BIOS Info: AT/AT COMPATIBLE | | ACRSYS - 1 Time Zone: Romance (standaardtijd) Motherboard *: Acer EA50_HB Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Default Browser: Opera Internet Browser 38.0.2220.31 Internet Explorer Version: 11.420.10586.0 Opera Browser version: 38.0.2220.31 Google Chrome version: 51.0.2704.103 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2016-06-16 08:49:50 E15BEB03592BA12C5C99E2BA46146BDD 4515264 ----a-w- C:\WINDOWS\explorer.exe ====== C:\Users\WENDY_~1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== ====== C:\WINDOWS\Sysnative\drivers ===== 2016-06-16 08:49:56 3996DF4D52FD6273750C7033D1447C0A 31744 ----a-w- C:\WINDOWS\Sysnative\drivers\dumpsdport.sys 2016-06-16 08:49:48 8B83335B6A86F39785FC7C9DE5F5B29F 1996640 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys 2016-06-16 08:49:45 425CFD45BDF5B9F8B790BEB20E0A8721 161632 ----a-w- C:\WINDOWS\Sysnative\drivers\ksecpkg.sys 2016-06-16 08:49:44 C03E926B0E7D66D68994067231DC3246 278528 ----a-w- C:\WINDOWS\Sysnative\drivers\netbt.sys 2016-06-16 08:49:44 2568B86F6A50D254324CB89022CA9EFC 690176 ----a-w- C:\WINDOWS\Sysnative\drivers\srv2.sys 2016-06-16 08:49:43 CF78AF126B00C1B0A6FF45BD838E8EFE 331616 ----a-w- C:\WINDOWS\Sysnative\drivers\pci.sys 2016-06-16 08:49:40 BE88248427A6AA548A904FD867667F70 406528 ----a-w- C:\WINDOWS\Sysnative\drivers\srv.sys 2016-06-16 08:49:40 3F7C80D9F16B94367646CBF8B8C052F4 604928 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys 2016-06-16 08:49:38 8E9E48E4BC6EACB811FE6066ADACC7A5 577376 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms2.sys 2016-06-16 08:49:37 87B9ABB965F7AF987D52791F0DD1663D 211296 ----a-w- C:\WINDOWS\Sysnative\drivers\tpm.sys 2016-06-16 08:49:33 6E520D6B16EA8AE23D1F81C1194F00C8 237056 ----a-w- C:\WINDOWS\Sysnative\drivers\srvnet.sys 2016-06-16 08:49:32 D330D74B5F99309B5CCA30AE41C57CDE 118624 ----a-w- C:\WINDOWS\Sysnative\drivers\partmgr.sys 2016-06-16 08:49:30 05DD22294A4F3F89E52351C7721E6D2C 258912 ----a-w- C:\WINDOWS\Sysnative\drivers\ufx01000.sys 2016-06-16 08:49:27 FFB773E4AA55E4F5FBBB084B41D7A86F 954368 ----a-w- C:\WINDOWS\Sysnative\drivers\bthport.sys 2016-06-16 08:49:27 883A36E2FF7FA3E1281CB575579FE3AF 124928 ----a-w- C:\WINDOWS\Sysnative\drivers\Ndu.sys 2016-06-16 08:49:26 020F3FD207AFEDAC8E05E4C567547A78 155136 ----a-w- C:\WINDOWS\Sysnative\drivers\hidclass.sys 2016-06-16 08:49:23 BE265ABFB467BBAC8C73A55AD94F4216 84992 ----a-w- C:\WINDOWS\Sysnative\drivers\BTHUSB.SYS ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-06-16 15:18:38 -------- d-----w- C:\Program Files\trend micro 2016-06-01 14:31:50 -------- d---a-w- C:\Program Files\Dolby Digital Plus ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\wendy_000\AppData\Roaming ====== 2016-06-29 12:54:43 -------- d-----w- C:\Users\wendy_000\AppData\Local\MalwareProtectionLive 2016-06-08 14:24:43 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\CrashDumps ====== C:\Users\wendy_000 ====== 2016-06-29 12:52:03 1E514D3BCE88F75187C255A4F831F414 10303728 ----a-w- C:\Users\wendy_000\Downloads\YTDSetup.exe 2016-06-27 13:09:17 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\wendy_000\Downloads\RSITx64 (1).exe 2016-06-01 14:31:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby ====== C: exe-files == 2016-06-30 09:58:07 60C881097F4D90ADC991C27034712C5B 3115848 ----a-w- C:\Users\wendy_000\AppData\Local\MalwareProtectionLive\quarantine\StartMenuIndexer-6775b684-6ac2-4932-8db3-1c13d993cacc.exe 2016-06-30 09:57:38 E051DDF4114932C45C67E9D91733753F 7586120 ----a-w- C:\Users\wendy_000\AppData\Local\MalwareProtectionLive\quarantine\HostAppService-366a3ce7-b618-4ec3-a2f2-a1ea7a903c06.exe 2016-06-30 09:57:38 60C881097F4D90ADC991C27034712C5B 3115848 ----a-w- C:\Users\wendy_000\AppData\Local\MalwareProtectionLive\quarantine\StartMenuIndexer-61881eb6-316a-4c6a-a29a-37e3fc45148e.exe 2016-06-29 12:54:44 B904646907A42B2F3051E55596604B10 34732 ----a-w- C:\Users\wendy_000\AppData\Local\MalwareProtectionLive\uninstall.exe 2016-06-27 19:39:47 3B5D0CA00476633E237BF1415AC58ACC 2545880 ----a-w- C:\Users\wendy_000\AppData\Local\clear.fi\Photo\abPhoto\abPhotoSetup.exe 2016-06-27 19:39:43 6EF0495FD6173A63B168755FBDA7C06B 46988723 ----a-w- C:\Users\wendy_000\AppData\Local\clear.fi\Photo\abPhoto\abPhoto.exe 2016-06-27 19:39:21 E97FCA9B760CDC55AF872D85CEE8CE74 48518128 ----a-w- C:\Users\wendy_000\AppData\Local\clear.fi\Photo\abPhotoSetup.exe === C: other files == 2016-06-30 09:59:07 1D9ECA4578101E7BB9FF6EC4E0C7963A 3789 ----a-w- C:\Users\wendy_000\AppData\Local\Temp\systemspecs.vbs 2016-06-29 09:42:16 3BDDFEF9E3BF6B471A9459E18A6D51D8 2506871 ----a-w- C:\Program Files (x86)\AVG\Zen\html.zip 2016-06-29 09:41:54 DB14CBDAF0DD40CB7B26BC09484002A9 1963 ----a-w- C:\Program Files (x86)\AVG\Zen\rules.zip 2016-06-29 09:41:42 BE748FCC7A2F4FF37BFBC8B5349089CD 178 ----a-w- C:\Program Files (x86)\AVG\Zen\cfg.zip 2016-06-29 09:41:42 7FA477105C9ACF8DAE1EDF9E79BBB9EC 73898 ----a-w- C:\Program Files (x86)\AVG\Zen\add.zip 2016-06-27 10:31:21 E99D18039505E0080876942DFD0A996F 48139287 ----a-w- C:\Users\wendy_000\AppData\Local\clear.fi\Photo.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-2738978234-4125683323-18102037-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-2738978234-4125683323-18102037-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" "msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background" "Spotify Web Helper"="C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe" "f.lux"="C:\Users\wendy_000\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" "OneDrive"="C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "BlueStacks Agent"="C:\Program Files (x86)\BlueStacks\HD-Agent.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_USERS\S-1-5-21-2738978234-4125683323-18102037-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "WAB Migrate"="%ProgramFiles%\Windows Mail\wab.exe /Upgrade" [HKEY_USERS\S-1-5-21-2738978234-4125683323-18102037-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64" "Uninstall C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64" "Uninstall C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" "Uninstall C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" "Uninstall C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "abDocsDllLoader"="C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe" "AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe /lps=fmw" "whatsappTime"="C:\Users\wendy_000\AppData\Roaming\whatsappTime\whatsappTime.exe su" "AVG_UI"="C:\Program Files (x86)\AVG\Av\avuirunnerx.exe C:\Program Files (x86)\AVG\Av\avgui.exe" "MalwareProtectionLive"="C:\Users\wendy_000\AppData\Local\MalwareProtectionLive\MalwareProtectionClient.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" "msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background" "Spotify Web Helper"="C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe" "f.lux"="C:\Users\wendy_000\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" "OneDrive"="C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "BlueStacks Agent"="C:\Program Files (x86)\BlueStacks\HD-Agent.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64" "Uninstall C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64" "Uninstall C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" "Uninstall C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" "Uninstall C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\G2MUpdateTask-S-1-5-21-2738978234-4125683323-18102037-1002.job --a-------- C:\Users\wendy_000\AppData\Local\Citrix\GoToMeeting\5102\g2mupdate.exe [15/06/2016 20:51] C:\WINDOWS\tasks\G2MUploadTask-S-1-5-21-2738978234-4125683323-18102037-1002.job --a-------- C:\Users\wendy_000\AppData\Local\Citrix\GoToMeeting\5102\g2mupload.exe [15/06/2016 20:51] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31/08/2015 19:35] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31/08/2015 19:35] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\abDocsDllLoader" [C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe] "C:\WINDOWS\SysNative\tasks\ACC" [C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe] "C:\WINDOWS\SysNative\tasks\ACCAgent" [C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe] "C:\WINDOWS\SysNative\tasks\AcerCloud" [C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe] "C:\WINDOWS\SysNative\tasks\BacKGroundAgent" [C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\DolbySelectorTask" [%ProgramFiles%\Dolby Digital Plus\ddp.exe] "C:\WINDOWS\SysNative\tasks\G2MUpdateTask-S-1-5-21-2738978234-4125683323-18102037-1002" [C:\Users\wendy_000\AppData\Local\Citrix\GoToMeeting\5102\g2mupdate.exe] "C:\WINDOWS\SysNative\tasks\G2MUploadTask-S-1-5-21-2738978234-4125683323-18102037-1002" [C:\Users\wendy_000\AppData\Local\Citrix\GoToMeeting\5102\g2mupload.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d" ["C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe"] "C:\WINDOWS\SysNative\tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon" ["C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe"] "C:\WINDOWS\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" ["C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"] "C:\WINDOWS\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon" ["C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"] "C:\WINDOWS\SysNative\tasks\Launch Manager" ["C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe"] "C:\WINDOWS\SysNative\tasks\Opera scheduled Autoupdate 1448448647" [C:\Program Files (x86)\Opera\launcher.exe] "C:\WINDOWS\SysNative\tasks\Power Management" ["C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe"] "C:\WINDOWS\SysNative\tasks\Quick Access" ["C:\Program Files\Acer\Acer Quick Access\QALauncher.exe"] "C:\WINDOWS\SysNative\tasks\Quick Access Quick Launcher" ["C:\Program Files\Acer\Acer Quick Access\QALauncher.exe"] "C:\WINDOWS\SysNative\tasks\SweetLabs App Platform" [%LOCALAPPDATA%\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe] "C:\WINDOWS\SysNative\tasks\UbtFrameworkService" ["C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe"] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{CB14D31A-DDC7-4F45-BDD9-2AA7A304CA3C}" [C:\Windows\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\{F19EFA9A-EE30-43B4-AB8D-697EBA68C050}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] "C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\WINDOWS\SysNative\tasks\Intel\Intel Telemetry 2" [C:\Program Files\Intel\Telemetry 2.0\lrio.exe] "C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program 64" ["%ProgramFiles(x86)%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"] "C:\WINDOWS\SysNative\tasks\Lenovo\REACHit Agent Startup" ["C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe"] "C:\WINDOWS\SysNative\tasks\Lenovo\REACHit Agent Update" ["C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe"] "C:\WINDOWS\SysNative\tasks\Recovery Management\Notification" [C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe] ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[25/05/2016 10:31] Google Slides - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Adblock for Youtube - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk Google Search - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Docs Offline - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Facebook Unseen - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\iicapmagmhahddefgokbabbgieiogjop Skype - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Pocket - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk myDownloads Search - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nibemhgacghipbplejpapmlnlkdaggbj Save to Pocket - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj Chrome Web Store Payments - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Skype Calling - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\poghlonenmjdkfghdpfomojhhfggildk ==== Chromium Fix ====================== C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.myway.com_0.localstorage deleted successfully C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.myway.com_0.localstorage-journal deleted successfully C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_hp.myway.com_0.localstorage deleted successfully C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_hp.myway.com_0.localstorage-journal deleted successfully C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_myimageconverter.dl.myway.com_0.localstorage deleted successfully C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_myimageconverter.dl.myway.com_0.localstorage-journal deleted successfully C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d3mwhxgzltpnyp.cloudfront.net_0.localstorage deleted successfully C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d3mwhxgzltpnyp.cloudfront.net_0.localstorage-journal deleted successfully C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.tb.ask.com_0.localstorage deleted successfully C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fromdoctopdf.dl.tb.ask.com_0.localstorage-journal deleted successfully C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_myimageconverter.dl.tb.ask.com_0.localstorage deleted successfully C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_myimageconverter.dl.tb.ask.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://mysearch.avg.com/?cid={9EEC32DA-87FE-4A48-975C-F807AE80500B}&mid=e917ceceef3147cda1dc29e025076358-3328242c3c4a7e74d7b2313593f3f17fab5cda0c&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=fr&d=2015-04-26 23:30:27&v=4.2.9.726&pid=wtu&sg=&sap=hp" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{95B7759C-8C7F-4BF1-B163-73684A933233}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{17FDD98E-3C09-4F2D-993A-1916B805D8F1}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\SearchScopes\{17FDD98E-3C09-4F2D-993A-1916B805D8F1} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB HKLM\Wow6432Node\SearchScopes "DefaultScope"="{17FDD98E-3C09-4F2D-993A-1916B805D8F1}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes\{17FDD98E-3C09-4F2D-993A-1916B805D8F1} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC HKCU\SearchScopes\{148234A7-A9F6-11E4-8263-F8A963E38AAB} - http://search.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms} HKCU\SearchScopes\{17FDD98E-3C09-4F2D-993A-1916B805D8F1} - No_Url_Value ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\02F6486B12843E11F869800002C0A966 deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\istartsurf uninstall deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B6846F20-4821-11E3-8F96-0800200C9A66} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\02F6486B12843E11F869800002C0A966 deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit= O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O4 - HKLM\..\Run: [abDocsDllLoader] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw O4 - HKLM\..\Run: [whatsappTime] C:\Users\wendy_000\AppData\Roaming\whatsappTime\whatsappTime.exe su O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe O4 - HKLM\..\Run: [MalwareProtectionLive] C:\Users\wendy_000\AppData\Local\MalwareProtectionLive\MalwareProtectionClient.exe O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [f.lux] "C:\Users\wendy_000\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow O4 - HKCU\..\Run: [OneDrive] "C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\RunOnce: [Uninstall C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\wendy_000\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-2738978234-4125683323-18102037-1001\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'UpdatusUser') O4 - HKUS\S-1-5-21-2738978234-4125683323-18102037-1001\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'UpdatusUser') O4 - Startup: Verzenden naar OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagenta.exe O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvca.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe O23 - Service: BlueStacks Plus Android Service (BstHdPlusAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel Bluetooth Service (iBtSiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) Technology Access Software Asset Manager (Intel(R) TA SAM) - Intel Corporation - C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe O23 - Service: Intel(R) Technology Access Legacy CS Loader (Intel(R) TechnologyAccessLegacyCSLoader) - Intel(R) Corporation - C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe O23 - Service: Intel(R) Technology Access Service (Intel(R) TechnologyAccessService) - Intel(R) Corporation - C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: Quick Access Service (QASvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\QASvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: Quick Access RadioMgr Service (RMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\RMSvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing) O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\wendy_000\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\wendy_000\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\wendy_000\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\wendy_000\AppData\Local\Microsoft\Windows\INetCache\IE\817724WP will be deleted at reboot C:\Users\wendy_000\AppData\Local\Microsoft\Windows\INetCache\IE\AHSJ8Z0V will be deleted at reboot C:\Users\wendy_000\AppData\Local\Microsoft\Windows\INetCache\IE\TMLR47XO will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\wendy_000\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=8887 folders=254 652439249 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\WENDY_~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\wendy_000\AppData\Local\Microsoft\Windows\INetCache\IE\817724WP" not found "C:\Users\wendy_000\AppData\Local\Microsoft\Windows\INetCache\IE\AHSJ8Z0V" not found "C:\Users\wendy_000\AppData\Local\Microsoft\Windows\INetCache\IE\TMLR47XO" not found ==== EOF on vr 01/07/2016 at 14:17:53,65 ======================