Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Mandy on vr 09-09-2016 at 21:08:51,66. Microsoft Windows 10 Home 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\mandyyy\Desktop\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 9-9-2016 21:12:05 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Users\mandyyy\AppData\Local\ActiveSync deleted successfully C:\Users\mandyyy\AppData\Local\NetworkTiles deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Lenovo Photo Master æTorrent Absolute Reminder Adobe AIR Adobe Flash Player 22 NPAPI Apple Application Support (32-bit) Apple Application Support (64-bit) Apple Mobile Device Support Apple Software Update Bonjour Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module Classic Shell CyberLink PowerDirector 10 Definition Update for Microsoft Office 2013 (KB3115404) 64-Bit Edition Dependency Package Update Dolby Digital Plus Advanced Audio Energy Manager Google Chrome Google Update Helper Hightail for Lenovo Intel(R) Processor Graphics Intel(R) Trusted Execution Engine Intel(R) Trusted Execution Engine Driver iTunes Lenovo Dependency Package Lenovo EasyCamera Lenovo FusionEngine Lenovo Mobile Phone Wireless Import Lenovo OneKey Recovery Lenovo Password Manager Lenovo PhoneCompanion Lenovo PowerDVD10 Lenovo Settings Lenovo SHAREit Lenovo Solution Center Lenovo Updates Maxthon Cloud Browser Metric Collection SDK 35 Microsoft Access MUI (Dutch) 2013 Microsoft DCF MUI (Dutch) 2013 Microsoft Excel MUI (Dutch) 2013 Microsoft Groove MUI (Dutch) 2013 Microsoft InfoPath MUI (Dutch) 2013 Microsoft Lync MUI (Dutch) 2013 Microsoft Office 32-bit Components 2013 Microsoft Office Korrekturhilfen 2013 - Deutsch Microsoft Office OSM MUI (Dutch) 2013 Microsoft Office OSM UX MUI (Dutch) 2013 Microsoft Office Professional Plus 2013 Microsoft Office Proofing (Dutch) 2013 Microsoft Office Proofing Tools 2013 - English Microsoft Office Proofing Tools 2013 - Nederlands Microsoft Office Shared 32-bit MUI (Dutch) 2013 Microsoft Office Shared MUI (Dutch) 2013 Microsoft OneNote MUI (Dutch) 2013 Microsoft Outlook MUI (Dutch) 2013 Microsoft PowerPoint MUI (Dutch) 2013 Microsoft Publisher MUI (Dutch) 2013 Microsoft Silverlight Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Microsoft Word MUI (Dutch) 2013 Mozilla Firefox 44.0.2 (x86 nl) Mozilla Maintenance Service Nitro Pro 9 Outils de v‚rification linguistique 2013 de Microsoft Officeÿ- Fran‡ais PokerStars.eu Power2Go REALTEK Bluetooth Driver Realtek Card Reader Realtek Ethernet Controller Driver Realtek High Definition Audio Driver REALTEK Wireless LAN Driver Security Update for Microsoft Office 2013 (KB2910941) 64-Bit Edition Security Update for Microsoft Office 2013 (KB3039798) 64-Bit Edition Security Update for Microsoft Office 2013 (KB3054816) 64-Bit Edition Security Update for Microsoft Office 2013 (KB3114340) 64-Bit Edition Security Update for Microsoft Office 2013 (KB3115427) 64-Bit Edition Security Update for Microsoft OneNote 2013 (KB3115256) 64-Bit Edition Security Update for Microsoft Outlook 2013 (KB3115452) 64-Bit Edition Security Update for Microsoft Publisher 2013 (KB3085561) 64-Bit Edition Security Update for Microsoft Word 2013 (KB3115449) 64-Bit Edition Security Update for Skype for Business 2015 (KB3115431) 64-Bit Edition SketchUp 2016 SkypeT 7.18 Spotify Spotnet Synaptics Pointing Device Driver Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD Update for Microsoft Access 2013 (KB3114735) 64-Bit Edition Update for Microsoft Excel 2013 (KB3115455) 64-Bit Edition Update for Microsoft InfoPath 2013 (KB3114818) 64-Bit Edition Update for Microsoft InfoPath 2013 (KB3114946) 64-Bit Edition Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition Update for Microsoft Office 2013 (KB2760371) 64-Bit Edition Update for Microsoft Office 2013 (KB2883095) 64-Bit Edition Update for Microsoft Office 2013 (KB2889863) 64-Bit Edition Update for Microsoft Office 2013 (KB2899522) 64-Bit Edition Update for Microsoft Office 2013 (KB2975869) 64-Bit Edition Update for Microsoft Office 2013 (KB3023049) 64-Bit Edition Update for Microsoft Office 2013 (KB3023052) 64-Bit Edition Update for Microsoft Office 2013 (KB3023068) 64-Bit Edition Update for Microsoft Office 2013 (KB3039701) 64-Bit Edition Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition Update for Microsoft Office 2013 (KB3039756) 64-Bit Edition Update for Microsoft Office 2013 (KB3039766) 64-Bit Edition Update for Microsoft Office 2013 (KB3039778) 64-Bit Edition Update for Microsoft Office 2013 (KB3039795) 64-Bit Edition Update for Microsoft Office 2013 (KB3039800) 64-Bit Edition Update for Microsoft Office 2013 (KB3054783) 64-Bit Edition Update for Microsoft Office 2013 (KB3054785) 64-Bit Edition Update for Microsoft Office 2013 (KB3054819) 64-Bit Edition Update for Microsoft Office 2013 (KB3054856) 64-Bit Edition Update for Microsoft Office 2013 (KB3055007) 64-Bit Edition Update for Microsoft Office 2013 (KB3085486) 64-Bit Edition Update for Microsoft Office 2013 (KB3085565) 64-Bit Edition Update for Microsoft Office 2013 (KB3085570) 64-Bit Edition Update for Microsoft Office 2013 (KB3085577) 64-Bit Edition Update for Microsoft Office 2013 (KB3085587) 64-Bit Edition Update for Microsoft Office 2013 (KB3101487) 64-Bit Edition Update for Microsoft Office 2013 (KB3101491) 64-Bit Edition Update for Microsoft Office 2013 (KB3101503) 64-Bit Edition Update for Microsoft Office 2013 (KB3114488) 64-Bit Edition Update for Microsoft Office 2013 (KB3114499) 64-Bit Edition Update for Microsoft Office 2013 (KB3114825) 64-Bit Edition Update for Microsoft Office 2013 (KB3114835) 64-Bit Edition Update for Microsoft Office 2013 (KB3115154) 64-Bit Edition Update for Microsoft Office 2013 (KB3115425) 64-Bit Edition Update for Microsoft OneDrive for Business (KB3115433) 64-Bit Edition Update for Microsoft Outlook Social Connector 2013 (KB3054854) 64-Bit Edition Update for Microsoft PowerPoint 2013 (KB3115444) 64-Bit Edition Update for Microsoft Project 2013 (KB3115434) 64-Bit Edition Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition Update for Skype for Business 2015 (KB3039776) 64-Bit Edition User Manuals Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables VLC media player Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) WinRAR 5.30 (64-bit) WinZip ==== Running Processes ====================== C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe C:\windows\SysWOW64\NLSSRV32.EXE C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe C:\Program Files\Lenovo\iMController\SystemAgentService.exe C:\Program Files (x86)\Firefox\bin\FirefoxCommand.exe C:\Program Files\Lenovo PhoneCompanion\adb.exe C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe C:\Windows\WebCam\S6000\S6000Mnt.exe C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_metro.exe C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE C:\Users\mandyyy\Desktop\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe C:\Program Files (x86)\Firefox\Firefox.exe C:\Program Files (x86)\Firefox\plugin-container.exe C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 "Debugger="- "Debugger="- "Debugger="- "Debugger="- "Debugger="- "Debugger="- "Debugger="- "Debugger="- "Debugger="- "Debugger="- "Debugger="- "Debugger="- ==== Deleting Files \ Folders ====================== C:\WINDOWS\sysWoW64\config\systemprofile\.android deleted C:\Users\mandyyy\AppData\Roaming\Firefox\Firefox\Profiles\41A66E7E5EE1\searchplugins\searchinme.xml deleted "C:\Users\mandyyy\AppData\Roaming\Mozilla\Firefox\Profiles\5yxv98rx.default\searchplugins\nice.xml" deleted "C:\Users\mandyyy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google.com.url" deleted ==== Folders Found ====================== ==== Files Found ====================== ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 3979 MB CPU Info: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz CPU Speed: 2167,6 MHz Sound Card: Luidsprekers (Realtek High Defi | Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Realtek PCIe GBE Family Controller | Realtek RTL8723BE Wireless LAN 802.11n PCI-E NIC | Microsoft Wi-Fi Direct Virtual Adapter CD / DVD Drives: No optical drives found. Ports: COM1 LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 256,1GB | D: 25,0GB Hard Disks - Free: C: 168,2GB | D: 16,1GB Manufacturer *: LENOVO BIOS Info: AT/AT COMPATIBLE | | LENOVO - 1 Time Zone: West-Europa (standaardtijd) Motherboard *: LENOVO Lenovo B50-30 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Default Browser: Firefox 47.0 Internet Explorer Version: 11.545.10586.0 Mozilla Firefox version: 44.0.2 (x86 nl) Google Chrome version: 52.0.2743.116 Flash Player version: 22.0.0.209 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\Users\mandyyy\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== ====== C:\WINDOWS\Sysnative\drivers ===== 2016-08-11 12:27:33 2442F8CED09E5E4A8F1AA04C5DB22771 954368 ----a-w- C:\WINDOWS\Sysnative\drivers\bthport.sys 2016-08-11 12:27:29 C2138FE291C8235C3A26CD04EE629163 161632 ----a-w- C:\WINDOWS\Sysnative\drivers\ksecpkg.sys 2016-08-11 12:27:29 570BA8E8E1E3064A7D92F862B7F59B60 604928 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys 2016-08-11 12:27:27 72CC1F3397B4438C8B8830F004075038 112640 ----a-w- C:\WINDOWS\Sysnative\drivers\bthenum.sys 2016-08-11 12:27:26 5DCB6746E9880DED87EC2A239ED64EB4 181248 ----a-w- C:\WINDOWS\Sysnative\drivers\rfcomm.sys 2016-08-11 12:27:26 0A23A12396CE5AE78E13F8E2ADF9AE35 128512 ----a-w- C:\WINDOWS\Sysnative\drivers\bthpan.sys 2016-08-11 12:27:25 FA7EE4E3DCF4C1159D4E78147D8F1A7B 84992 ----a-w- C:\WINDOWS\Sysnative\drivers\BTHUSB.SYS 2016-08-11 12:27:16 E61E8025B3FC30906B9BFF0E1602B1E8 576864 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms2.sys 2016-08-11 12:27:16 E5EF652F8C880EC48A4E827698416338 1988448 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys 2016-08-11 12:27:16 97269D0CF0C275A7DF5BFCA6692CC8B8 393056 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys 2016-08-11 12:27:11 34DDBE73E42A4EDED7BEFF66F270C1A4 99680 ----a-w- C:\WINDOWS\Sysnative\drivers\pdc.sys 2016-08-11 12:27:05 FAEBE339AB36831B77DC8F3B81DEDF75 465248 ----a-w- C:\WINDOWS\Sysnative\drivers\storport.sys 2016-08-11 12:27:05 3F89E96BDA0A24A3D2DBB7CE1E625589 331616 ----a-w- C:\WINDOWS\Sysnative\drivers\pci.sys 2016-08-11 12:26:25 1BB74617AE07539EC7C31C93F98644C7 422744 ----a-w- C:\WINDOWS\Sysnative\drivers\rdbss.sys ====== C:\WINDOWS\Tasks ====== 2016-09-02 21:35:10 01DABAC6207A458665D66E1C41077919 3636 ----a-w- C:\WINDOWS\Sysnative\Tasks\CreateExplorerShellUnelevatedTask 2016-08-20 16:37:47 5092DCCE3C23FBEEE8864AEE21063999 3326 ----a-w- C:\WINDOWS\Sysnative\Tasks\OneDrive Standalone Update Task ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2016-08-11 11:48:43 -------- d---a-w- C:\PROGRA~2\Firefox ======= C: ===== 2016-09-02 21:30:29 E9273E052C410C977DC0AD5014312FD4 1279 ----a-w- C:\DelFix.txt ====== C:\Users\mandyyy\AppData\Roaming ====== 2016-09-09 19:21:46 -------- d-----w- C:\Users\mandyyy\AppData\Local\NetworkTiles 2016-08-14 11:47:51 -------- d-----w- C:\Users\mandyyy\AppData\Local\ESET ====== C:\Users\mandyyy ====== 2016-09-02 21:37:04 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\mandyyy\Desktop\RSITx64.exe ====== C: exe-files == 2016-09-02 21:37:04 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\mandyyy\Desktop\RSITx64.exe === C: other files == 2016-09-06 18:12:55 43C8D087B31C592163B33A4BDA540E40 199008 ----a-w- C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\windows\system32\drivers\wof.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-3125367378-2140037814-2600998391-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "Spotify Web Helper"="C:\Users\mandyyy\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "Spotify"="C:\Users\mandyyy\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized" [HKEY_USERS\S-1-5-21-3125367378-2140037814-2600998391-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64" "Uninstall C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64" "Uninstall C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64" "Uninstall C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" "Uninstall C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" "Uninstall C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" "Uninstall C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "UpdateP2GShortCut"="C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\Lenovo\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\5.0" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "Spotify Web Helper"="C:\Users\mandyyy\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "Spotify"="C:\Users\mandyyy\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64" "Uninstall C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64" "Uninstall C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64" "Uninstall C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" "Uninstall C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" "Uninstall C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" "Uninstall C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~2\\SearchProtect\\SearchProtect\\bin\\VC32Loader.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4" "RtHDVBg_LENOVO_DOLBYDRAGON"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /LENOVO_DOLBYDRAGON" "RtHDVBg_LENOVO_MICPKEY"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /LENOVO_MICPKEY" "S6000Mnt"="C:\WINDOWS\WebCam\S6000\S6000Mnt.exe" "PasswordManager"="C:\Program Files\Lenovo\Password Manager\password_manager.exe" "PhoneCompanion"="C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe" "Energy Manager"="C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe" "Lenovo Utility"="C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe" "Classic Start Menu"="C:\Program Files\Classic Shell\ClassicStartMenu.exe -autorun" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [13-07-2016 15:17] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [16-06-2016 01:36] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [16-06-2016 01:36] C:\WINDOWS\tasks\LSCHardwareScan.job --a-------- C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [17-08-2015 09:37] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\CreateExplorerShellUnelevatedTask" [C:\WINDOWS\explorer.exe] "C:\WINDOWS\SysNative\tasks\DolbySelectorTask" [%ProgramFiles%\Dolby Digital Plus\ddp.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\IHeeaWABrowserUpdateCore" [C:\Program Files (x86)\IHeeaWA\IHeeaWA\bin\IHeeaWA_server.exe] "C:\WINDOWS\SysNative\tasks\IHeeaWABrowserUpdateUA" [C:\Program Files (x86)\IHeeaWA\IHeeaWA\bin\IHeeaWA_server.exe] "C:\WINDOWS\SysNative\tasks\Maxthon Update" ["C:\Program Files (x86)\Maxthon\Bin\mxup.exe"] "C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task" [C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe] "C:\WINDOWS\SysNative\tasks\PDVDServ Task" [C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE] "C:\WINDOWS\SysNative\tasks\Synaptics TouchPad Enhancements" ["C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"] "C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\WINDOWS\SysNative\tasks\Lenovo\Dependency Package Auto Update" [C:\Program Files\Lenovo\iMController\AutoUpdate.exe] "C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program" ["%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"] "C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program 64 35" ["%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"] "C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Solution Center Launcher" [%programfiles%\lenovo\lenovo solution center\App\LSCService.exe] "C:\WINDOWS\SysNative\tasks\Lenovo\LSC\LSCHardwareScan" ["C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan] "C:\WINDOWS\SysNative\tasks\Lenovo\LSC\LSCHardwareScanPostpone" ["C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\mandyyy\AppData\Roaming\Firefox\Firefox\Profiles\41A66E7E5EE1 user_pref("browser.startup.homepage", "http://www.google.nl/"); user_pref("browser.search.defaultenginename", "nice"); user_pref("browser.search.selectedEngine", "nice"); ProfilePath: C:\Users\mandyyy\AppData\Roaming\Firefox\Firefox\Profiles\5yxv98rx.default user_pref("browser.search.defaultenginename", "nuesearch"); user_pref("browser.search.selectedEngine", "nuesearch"); ProfilePath: C:\Users\mandyyy\AppData\Roaming\Mozilla\Firefox\Profiles\5yxv98rx.default user_pref("browser.search.selectedEngine", "nuesearch"); ==== Firefox Extensions Registry ====================== [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{F74D5734-46F5-4B16-96F0-1E7FBF41B750}"="C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12" [09-10-2014 20:47] ==== Firefox Extensions ====================== ProfilePath: C:\Users\mandyyy\AppData\Roaming\Firefox\Firefox\Profiles\41A66E7E5EE1 - SimilarWeb - %ProfilePath%\extensions\@DA3566E2-F709-11E5-8E87-A604BC8E7F8B.xpi - Undetermined - %ProfilePath%\extensions\@H99KV4DO-UCCF-9PFO-9ZLK-8RRP4FVOKD9O.xpi - English US Language Pack - %ProfilePath%\extensions\langpack-en-US@firefox.mozilla.org.xpi ProfilePath: C:\Users\mandyyy\AppData\Roaming\Firefox\Firefox\Profiles\5yxv98rx.default - Undetermined - C:\Users\mandyyy\AppData\Roaming\Mozilla\Firefox\Profiles\5yxv98rx.default\extensions\arthurj8283@gmail.com - xRocket Toolbar - %ProfilePath%\extensions\arthurj8283@gmail.com - Nederlands NL Language Pack - %ProfilePath%\extensions\langpack-nl@firefox.mozilla.org.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions flliilndjeohchalpbbcdekjklbdgfkk - No path found[] geempcnjhccnoepfmahaeemnnfnignab - C:\Program Files (x86)\Lenovo\Password Manager\chrome_npapi_extension.crx[09-01-2014 23:44] Lenovo Password Manager - mandyyy\AppData\Local\Google\Chrome\User Data\Default\Extensions\geempcnjhccnoepfmahaeemnnfnignab Chrome Web Store Payments - mandyyy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Chrome Media Router - mandyyy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm Chrome Adr - mandyyy\AppData\Local\IHeeaWA\User Data\Default\Extensions\knbdkcpkcpmiakimkhhmlgkjmchgahil Chrome Web Store Payments - mandyyy\AppData\Local\IHeeaWA\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131151373194531804&GUID=FFAC0FE4-B460-407B-AF7C-36F3DA8D0D71" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131151373194531804&GUID=FFAC0FE4-B460-407B-AF7C-36F3DA8D0D71" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\SearchScopes\{D36DE5FC-1A2A-4CD5-949C-22DF8EAD50F9} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB HKLM\Wow6432Node\SearchScopes "DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes\{D36DE5FC-1A2A-4CD5-949C-22DF8EAD50F9} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} HKCU\SearchScopes\{D36DE5FC-1A2A-4CD5-949C-22DF8EAD50F9} - No_Url_Value ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=c:\windows\syswow64\userinit.exe, O1 - Hosts: ::1 localhost O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" O4 - HKCU\..\Run: [OneDrive] "C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\mandyyy\AppData\Roaming\Spotify\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [Spotify] "C:\Users\mandyyy\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized O4 - HKCU\..\RunOnce: [Uninstall C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\mandyyy\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.hola.org O17 - HKLM\System\CCS\Services\Tcpip\..\{b16dda32-7752-425b-a707-b04f1121b021}: NameServer = 82.163.143.171 82.163.142.173 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 82.163.143.171 82.163.142.173 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 82.163.143.171 82.163.142.173 O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Command Service(CommandHandler) (CommandHandler) - Unknown owner - C:\Program Files (x86)\Firefox\bin\FirefoxCommand.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: EOF - Unknown owner - C:\Program Files (x86)\483439ee973f587d9bb1ffe33f27b80f\EOF.exe (file missing) O23 - Service: Symantec Eraser Service (EraserSvc11520) - Unknown owner - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\NS.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Update Service(FirefoxU) (FirefoxU) - Unknown owner - C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe O23 - Service: LenovoSetSvr - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing) O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NitroPDFDriverCreatorReadSpool9 (NitroDriverReadSpool9) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\windows\SysWOW64\NLSSRV32.EXE O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\mandyyy\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\mandyyy\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\mandyyy\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\mandyyy\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\mandyyy\AppData\Local\Mozilla\Firefox\Profiles\41A66E7E5EE1\cache2 emptied successfully C:\Users\mandyyy\AppData\Local\Mozilla\Firefox\Profiles\5yxv98rx.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\mandyyy\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot C:\Users\mandyyy\AppData\Local\IHeeaWA\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=6 folders=1 4807 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\mandyyy\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\mandyyy\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted "C:\Users\mandyyy\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted "C:\Users\mandyyy\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted "C:\Users\mandyyy\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted "C:\Users\mandyyy\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted ==== EOF on vr 09-09-2016 at 23:07:31,91 ======================