Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by DESKTOP-MBM4LER on ma 15-08-2016 at 8:28:14,34.
Microsoft Windows 10 Pro 10.0.10586 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\van la Parra\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

15-8-2016 08:31:15 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~3\boost_interprocess deleted successfully
C:\PROGRA~3\RegRun deleted successfully
C:\Users\van la Parra\AppData\Local\ActiveSync deleted successfully
C:\Users\van la Parra\AppData\Local\PeerDistRepub deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
C:\Windows\SysWOW64\svchost.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
C:\Program Files (x86)\G DATA\TotalProtection\AVKBackup\AVKBackupService.exe
C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files (x86)\G DATA\TotalProtection\AVKTray\AVKTray.exe
C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFirewallTray.exe
C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe
C:\Windows\PixArt\PAC207\Monitor.exe
C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
C:\Users\van la Parra\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\G DATA\TotalProtection\TSNxG\TSNxGService.exe
C:\Users\van la Parra\Downloads\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
"C:\Windows\Installer\8fddfd6.msi" deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 3319 MB
CPU Info: Intel(R) Pentium(R) Dual CPU E2160 @ 1.80GHz
CPU Speed: 1822,1 MHz
Sound Card: Luidsprekers (High Definition A | Luidsprekers (High Definition A |
Display Adapters: Intel(R) 946GZ Express Chipset Family (Microsoft Corporation - WDDM 1.1)
Monitors: 1x; SyncMaster 2443NW/2443NWX |
Screen Resolution: 1920 X 1200 - 32 bit
Network: Network Present
Network Adapters: Intel(R) PRO/100 VE Network Connection
CD / DVD Drives: 1x (I: | ) I: TSSTcorpCD/DVDW TS-H653L
Ports: COM1 | COM2 LPT1
Mouse: 8 Button Wheel Mouse Present
Hard Disks: C: 259,7GB | D: 205,1GB
Hard Disks - Free: C: 213,6GB | D: 150,2GB
Manufacturer *: Phoenix Technologies, LTD
BIOS Info: AT/AT COMPATIBLE | 05/25/07 | HPQOEM - 42302e31
Time Zone: West-Europa (standaardtijd)
Motherboard *: MSI 0A90
Country: Nederland
Language: NLD

==== System Specs (Software) ======================

Default Browser: Firefox 48.0
Internet Explorer Version:
11.545.10586.0
Mozilla Firefox version: 48.0 (x86 en-US)
Adobe Reader version: 15.17.20050.192152
Flash Player version: 22.0.0.209

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-234901561-1536892485-3164044181-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_USERS\S-1-5-21-234901561-1536892485-3164044181-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\van la Parra\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\van la Parra\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "G Data ASM"="C:\Program Files (x86)\G DATA\TotalProtection\DelayLoader\AutorunDelayLoader.exe /autostart" "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\van la Parra\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\van la Parra\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PAC207_Monitor"="C:\Windows\PixArt\PAC207\Monitor.exe" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [21-07-2016 19:35] C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [21-07-2016 19:35] C:\Windows\tasks\CreateExplorerShellUnelevatedTask.job --a-------- 
C:\Windows\explorer.exe [01-07-2016 06:33] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-234901561-1536892485-3164044181-1001Core.job --a-------- C:\Users\van la Parra\AppData\Local\Google\Update\GoogleUpdate.exe [22-05-2016 20:00] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-234901561-1536892485-3164044181-1001UA.job --a-------- C:\Users\van la Parra\AppData\Local\Google\Update\GoogleUpdate.exe [22-05-2016 20:00] C:\Windows\tasks\HPCeeScheduleForvan la Parra.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [22-01-2016 21:52] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player PPAPI Notifier" [C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateExplorerShellUnelevatedTask" [C:\Windows\explorer.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-234901561-1536892485-3164044181-1001Core" [C:\Users\van la Parra\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-234901561-1536892485-3164044181-1001UA" [C:\Users\van la Parra\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForvan la Parra" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\id updater task" [C:\Program Files (x86)\Open-EID\ID-updater.exe] "C:\Windows\SysNative\tasks\Seagate_Install_Launch" [C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe] "C:\Windows\SysNative\tasks\Tweaking.com - Windows Repair Tray Icon" [C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe] 
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{61F07557-C454-4323-9D8E-E7325EA7A1CB}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\van la Parra DBAgent 2 0" ["C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe"] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{aa84ce40-4253-a00a-8cd6-0800200f9a67}"="C:\Program Files\Open-EID\\{aa84ce40-4253-a00a-8cd6-0800200f9a67}.xpi" [30-06-2016 22:34] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{aa84ce40-4253-a00a-8cd6-0800200f9a67}"="C:\Program Files\Open-EID\\{aa84ce40-4253-a00a-8cd6-0800200f9a67}.xpi" [30-06-2016 22:34] ==== Firefox Extensions ====================== AppDir: C:\Program 
Files (x86)\Mozilla Firefox
- Skype - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================
Profilepath: C:\Users\van la Parra\AppData\Roaming\Mozilla\Firefox\Profiles\ly19k0bl.default-1471093920615
62D98B286C805E193568037B70D936D2 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll - Shockwave Flash
3EE8AE0ECFE5D79DE1737A855AD1E84C - C:\Users\van la Parra\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll - Google Update

==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ckjefchnfjhjfedoccjbhjpbncimppeg - No path found[]

Comodo Drag&Drop Service - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo
Comodo Web Inspector - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn
Bitdefender TrafficLight adds a strong and non-intrusive layer of security to your browsing experience - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cfnpidifppmenkapgihekkeednfoenal
Token signing - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ckjefchnfjhjfedoccjbhjpbncimppeg
Comodo Media Downloader - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dihmnpngfonlhjmgkflpnibiaaliendo
PriceSuggester - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ejodbgfcaefpfbfgakjpjoppmkgmcpjp
Comodo Dragon Browser Light Theme - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kglppafajjeikfgmjjegogphhkjnnmgc
Comodo Share Page Service - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf
Chrome Web Store Payments - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chromium Fix ======================
C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=nl-nl"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=nl-nl"

==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6B29CF5842DBAB44DBA3EBA49289AE21 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{85FC92B6-BD24-44BA-BD3A-BE4A2998EA12} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\6B29CF5842DBAB44DBA3EBA49289AE21 deleted successfully

==== HijackThis Entries ======================
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: EstEIDIEPluginBHO - {2A4E94A4-B275-491A-9E32-CD7A26FC7C3B} - C:\Program Files\Open-EID\esteid-plugin-ie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [G Data ASM] "C:\Program Files (x86)\G DATA\TotalProtection\DelayLoader\AutorunDelayLoader.exe" /autostart
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\van la Parra\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\van la Parra\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{45fd7784-0ddb-4131-87cc-c675ebba05a4}: NameServer = 8.26.56.26,8.20.247.20
O17 - HKLM\System\CS1\Services\Tcpip\..\{45fd7784-0ddb-4131-87cc-c675ebba05a4}: NameServer = 8.26.56.26,8.20.247.20
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: G DATA ANTIVIRUS Proxy (AVKProxy) - G DATA Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
O23 - Service: G DATA Scheduler (AVKService) - G DATA Software AG - C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKService.exe
O23 - Service: G DATA Bestandssysteemmonitor (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKWCtlx64.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: G DATA Backup Service (GDBackupSvc) - G DATA Software AG - C:\Program Files (x86)\G DATA\TotalProtection\AVKBackup\AVKBackupService.exe
O23 - Service: G DATA Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFwSvcx64.exe
O23 - Service: G DATA Scanner (GDScan) - G DATA Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
O23 - Service: G DATA Tuner-service (GDTunerSvc) - G DATA Software AG - C:\Program Files (x86)\G DATA\TotalProtection\AVKTuner\AVKTunerService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Seagate Dashboard Services - Seagate Technology LLC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
O23 - Service: Seagate MobileBackup Service - Seagate Technology LLC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: G DATA Datasafeservice (TSNxGService) - G DATA Software - C:\Program Files (x86)\G DATA\TotalProtection\TSNxG\TSNxGService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Unchecky - RaMMicHaeL - C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\van la Parra\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\van la Parra\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\van la Parra\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\van la Parra\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================
No FireFox Cache found

==== Empty Chrome Cache ======================
C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
No Flash Cache Found

==== Empty All Java Cache ======================
No Java Cache Found

==== C:\zoek_backup content ======================
C:\zoek_backup (files=20 folders=14 75347803 bytes)

==== Empty Temp Folders ======================
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\VANLAP~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 15-08-2016 at 9:40:53,96 ======================