Zoek.exe v5.0.0.1 Updated 27-09-2015 Tool run by van la Parra on ma 13-03-2017 at 11:57:57,88. Microsoft Windows 10 Pro 10.0.14393 x64 Running in: Normal Mode No Internet Access Detected Launched: C:\Users\van la Parra\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 13-3-2017 12:03:07 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Users\van la Parra\AppData\Local\PeerDistRepub deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== . . . 64 Bit HP CIO Components Installer Adobe Acrobat Reader DC - Nederlands Adobe Flash Player 23 PPAPI Adobe Flash Player 24 NPAPI Adobe Refresh Manager AIO_CDA_ProductContext AIO_CDA_Software AIO_Scan Ashampoo Snap 9 BDAntiRansomware BIOS Tools BufferChm CCleaner Chrome Token Signing Comodo IceDragon Copy Definition Update for Microsoft Office 2010 (KB3115475) 32-Bit Edition Destinations DeviceDiscovery DigiDoc3 Client DocProc eID software EstEID Minidriver EstEID Shell Extension Fax Firefox PKCS11 Loader Firefox Token Signing Plugin Flexera Software Corporate Software Inspector System Center Plugin (7.5.0.6) G DATA TOTAL SECURITY Google Chrome Google Earth Google Photos Backup Google Update Helper GPBaseService2 HP Customer Experience Enhancements HP Customer Participation Program 14.0 HP Imaging Device Functions 14.0 HP Photosmart All-In-One Driver Software HP Solution Center 14.0 HP Support Assistant HP Support Solutions Framework HP Update HPPhotoGadget HPProductAssistant HPSSupply ID-card utility IE Token Signing Plugin 
Intel® Driver Update Utility Intel® RealSense™ SDK 2014 Runtime (x64): Core MarketResearch Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 64-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft OneDrive Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Mozilla Firefox 51.0.1 (x86 en-US) Mozilla Maintenance Service NAVIGON Fresh 3.5.1 Network64 OCR Software by I.R.I.S. 
14.0 Open-EID Metapackage Open-EID Uninstaller Open-EID Updater Picasa 3 Rapport Recuva Samsung Kies Samsung USB Driver for Mobile Phones Seagate Dashboard Security Update for Microsoft Access 2010 (KB3101544) 32-Bit Edition Security Update for Microsoft Excel 2010 (KB3128037) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB3114414) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553313) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553432) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881029) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2889841) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956063) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956073) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3054984) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3085528) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3101520) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3114400) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3115120) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3118380) 32-Bit Edition Security Update for Microsoft OneNote 2010 (KB3054978) 32-Bit Edition Security Update for Microsoft OneNote 2010 (KB3114885) 32-Bit Edition Security Update for Microsoft Outlook 2010 (KB3114883) 32-Bit Edition Security Update for Microsoft Outlook 2010 (KB3118313) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2920812) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB3118378) 32-Bit Edition Security Update for Microsoft Publisher 2010 (KB3114395) 32-Bit Edition Security Update for Microsoft Visio 2010 (KB3114872) 32-Bit Edition Security Update for Microsoft 
Visio Viewer 2010 (KB2999465) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2965313) 32-Bit Edition Security Update for Microsoft Word 2010 (KB3128034) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Shop for HP Supplies Skype™ 7.33 Smart Switch SolutionCenter Speccy Status Stuurprogrammapakket voor Windows - RIA (Estonian National ID Card) (UMPass) SmartCard (05/13/2015 3.11.0.1175) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD Toolbox TrayApp Trust 100K Series Webcam Trusteer Eindpuntbeveiliging Tweaking.com - Windows Repair Unchecky v1.0.2 Update for Microsoft Excel 2010 (KB2956084) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2999508) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition Update for Microsoft Office 2010 (KB2553388) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589318) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition Update for Microsoft Office 2010 (KB2791057) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition Update for Microsoft Office 2010 (KB2881030) 32-Bit Edition Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition Update for Microsoft Office 2010 (KB3054886) 32-Bit Edition Update for Microsoft Office 2010 (KB3055047) 32-Bit Edition Update for Microsoft Office 2010 (KB3085605) 32-Bit Edition Update for Microsoft Office 2010 
(KB3114555) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2760779) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition VLC media player WebReg Yahoo Messenger ==== Running Processes ====================== C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKService.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\WINDOWS\SysWoW64\svchost.exe C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe C:\Program Files (x86)\G DATA\TotalProtection\AVKBackup\AVKBackupService.exe C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe C:\Windows\PixArt\Pac207\Monitor.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\G DATA\TotalProtection\AVKTray\AVKTray.exe C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFirewallTray.exe C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\van la Parra\Downloads\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\Program Files (x86)\G DATA\TotalProtection\TSNxG\TSNxGService.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: 
C:\Users\VANLAP~1\AppData\Roaming\Comodo\IceDragon\Profiles\lbfvr4vl.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_13-03-2017_1300_.backup ProfilePath: C:\Users\VANLAP~1\AppData\Roaming\Mozilla\Firefox\Profiles\yisez0ow.default-1482935430045 user.js not found ---- Lines searches removed from prefs.js ---- user_pref("browser.urlbar.suggest.searches", true); ---- FireFox user.js and prefs.js backups ---- prefs_13-03-2017_1300_.backup ==== Deleting Files \ Folders ====================== "C:\WINDOWS\Installer\5366017c.msi" not found C:\PROGRA~3\Package Cache deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 3319 MB CPU Info: Intel(R) Pentium(R) Dual CPU E2160 @ 1.80GHz CPU Speed: 1816,2 MHz Sound Card: Luidsprekers (High Definition A | Luidsprekers (High Definition A | Display Adapters: Intel(R) 946GZ Express Chipset Family (Microsoft Corporation - WDDM 1.1) Monitors: 1x; SyncMaster 2443NW/2443NWX | Screen Resolution: 1920 X 1200 - 32 bit Network: Network Present Network Adapters: Intel(R) PRO/100 VE Network Connection CD / DVD Drives: 1x (I: | ) I: TSSTcorpCD/DVDW TS-H653L Ports: COM1 | COM2 LPT1 Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 259,7GB | D: 205,1GB Hard Disks - Free: C: 215,0GB | D: 149,7GB Manufacturer *: Phoenix Technologies, LTD BIOS Info: AT/AT COMPATIBLE | 05/25/07 | HPQOEM - 42302e31 Time Zone: West-Europa (standaardtijd) Motherboard *: MSI 0A90 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Internet Explorer Version: 11.576.14393.0 Mozilla Firefox version: 51.0.1 (x86 en-US) Google Chrome version: 56.0.2924.87 Adobe Reader version: 15.23.20070.215641 Flash Player version: 24.0.0.221 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\Users\VANLAP~1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2017-03-11 12:00:01 
BC599B386A680E334EE298A1AC86D449 32768 ----a-w- C:\WINDOWS\SysWOW64\???=?=???? 2017-03-11 12:00:01 7D942F001257F5D2D4F4E4F647E84A5F 65536 --sha-w- C:\WINDOWS\SysWOW64\???=?=????{06186cad-0586-11e7-99f2-0019dbbaac24}.TM.blf 2017-03-11 12:00:01 59071590099D21DD439896592338BF95 524288 --sha-w- C:\WINDOWS\SysWOW64\???=?=????{06186cad-0586-11e7-99f2-0019dbbaac24}.TMContainer00000000000000000002.regtrans-ms 2017-03-11 12:00:01 097C31251AF9AAB6F4DA0593996BFD0B 524288 --sha-w- C:\WINDOWS\SysWOW64\???=?=????{06186cad-0586-11e7-99f2-0019dbbaac24}.TMContainer00000000000000000001.regtrans-ms 2017-03-05 16:04:37 F7E2EF6FFD3D3972B7682F274A05F234 524288 --sha-w- C:\WINDOWS\SysWOW64\????!{7b373f29-000c-11e7-99ee-0019dbbaac24}.TMContainer00000000000000000001.regtrans-ms 2017-03-05 16:04:37 B9049A3A04E9A13AFB2EE37259D98F90 65536 --sha-w- C:\WINDOWS\SysWOW64\????!{7b373f29-000c-11e7-99ee-0019dbbaac24}.TM.blf 2017-03-05 16:04:37 84A03E2E1B95B4D761F7C35FEB75E43B 8192 ----a-w- C:\WINDOWS\SysWOW64\????! 2017-03-05 16:04:37 59071590099D21DD439896592338BF95 524288 --sha-w- C:\WINDOWS\SysWOW64\????!{7b373f29-000c-11e7-99ee-0019dbbaac24}.TMContainer00000000000000000002.regtrans-ms ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== ====== C:\WINDOWS\Sysnative\drivers ===== ====== C:\WINDOWS\Tasks ====== 2017-02-19 20:21:33 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\Intel 2017-02-19 20:21:26 1B0669F8493591A7A1912CE4794216A9 2524 ----a-w- C:\WINDOWS\Sysnative\Tasks\USER_ESRV_SVC_QUEENCREEK ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2017-03-02 15:07:19 -------- d-----w- C:\Program Files\trend micro 2017-02-19 20:21:14 -------- d-----w- C:\Program Files\Intel Driver Update Utility ======= C:\PROGRA~2 ===== 2017-03-01 11:55:43 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service 2017-02-20 16:51:02 -------- d---a-w- C:\PROGRA~2\COMMON~1\Skype 2017-02-19 20:32:00 -------- d---a-w- C:\PROGRA~2\Intel Driver Update Utility ======= C: ===== 2017-02-27 
23:37:49 9D8164A5F671C59973D20EC6FEA94816 873 ----a-w- C:\DelFix.txt ====== C:\Users\van la Parra\AppData\Roaming ====== 2017-03-01 11:58:25 -------- d-----w- C:\Users\van la Parra\AppData\Local\Mozilla ====== C:\Users\van la Parra ====== 2017-03-01 11:48:24 7101FF0673F62B340D6C082039CF4487 1622528 ----a-w- C:\Users\van la Parra\Downloads\ResetBrowser.exe 2017-02-20 16:51:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-02-19 20:32:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility ====== C: exe-files == 2017-03-13 09:18:08 CDB641BB8C0E7ECA2E2376184EF299B6 130 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-234901561-1536892485-3164044181-1001\$ID8O08T.exe 2017-03-13 09:17:27 0942AE8ABF027AC095EF3CE2B590448A 6293184 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-234901561-1536892485-3164044181-1001\$RD8O08T.exe === C: other files == 2017-03-09 20:24:46 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\van la Parra\AppData\Local\Temp\TempTourneyAssets.zip 2017-03-09 17:23:54 1BF7FF5C5D47FB12D443F0B7CB4FD319 21105 ----a-w- C:\Users\van la Parra\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\INetCache\FNW1UTQI\KlondikeDraw3LasVegas[1].zip 2017-03-09 17:23:53 0B584381BEB7D3585C3B04DDBFF74943 10749 ----a-w- C:\Users\van la Parra\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\INetCache\WF2VUAWD\KlondikeDraw1LasVegas[1].zip 2017-03-09 17:23:52 6943DF5DF55393A493F2A914EB37CADA 17700 ----a-w- C:\Users\van la Parra\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\INetCache\WF2VUAWD\KlondikeDraw1CumulativeVegas[1].zip 2017-03-09 17:23:52 085248DEFAF564A76E8356CD17C537E4 67396 ----a-w- C:\Users\van la Parra\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\INetCache\FNW1UTQI\KlondikeDraw3CumulativeVegas[1].zip 2017-03-09 17:23:50 5E238A274D166253A96C5639F5956986 166325 ----a-w- C:\Users\van la 
Parra\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\INetCache\FNW1UTQI\TriPeaks[1].zip 2017-03-09 17:23:49 AC984BB684C56CE2E52D67A71A58D7C0 191071 ----a-w- C:\Users\van la Parra\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\INetCache\WF2VUAWD\SpiderFourSuit[1].zip 2017-03-09 17:23:47 65633FBCC4672D47D2A6399594A5BA53 338391 ----a-w- C:\Users\van la Parra\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\INetCache\WF2VUAWD\SpiderTwoSuit[1].zip 2017-03-09 17:23:46 B03322950BA4C0AB39A52ADC6DFFC3E4 355734 ----a-w- C:\Users\van la Parra\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\INetCache\FNW1UTQI\SpiderOneSuit[1].zip 2017-03-09 17:23:45 46A924F662C165FA10B38D6A4C94C8BC 133410 ----a-w- C:\Users\van la Parra\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\INetCache\K8N6DSQK\Pyramid[1].zip 2017-03-09 17:23:43 06E88E29D0313BF82E248DDF90AA4ED0 166450 ----a-w- C:\Users\van la Parra\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\INetCache\SFG6ZBBP\KlondikeDraw3Standard[1].zip 2017-03-09 17:23:40 9284499A7D46BDF9B6F95EC1B01B6EE9 166395 ----a-w- C:\Users\van la Parra\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\INetCache\SFG6ZBBP\KlondikeDraw1Standard[1].zip 2017-03-09 17:23:39 85BA55189A0E88C618B5D4A25AA80366 1015116 ----a-w- C:\Users\van la Parra\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\INetCache\K8N6DSQK\Worlds[1].zip 2017-03-09 17:23:37 3A0B9B331C5002D71701643A5CBF7872 19765 ----a-w- C:\Users\van la Parra\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\INetCache\WF2VUAWD\FreeCell[1].zip 2017-03-09 17:23:36 D94EA14F1B130E837F28375051D0E939 844940 ----a-w- C:\Users\van la 
Parra\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\INetCache\SFG6ZBBP\MSCasualGames[1].zip 2017-03-09 17:23:34 36AEEDC64CA1F6B6564F2A9B166D12C4 3669 ----a-w- C:\Users\van la Parra\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\INetCache\WF2VUAWD\manifest[1].zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-234901561-1536892485-3164044181-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_USERS\S-1-5-21-234901561-1536892485-3164044181-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\van la Parra\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\van la Parra\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "G Data ASM"="C:\Program Files (x86)\G DATA\TotalProtection\DelayLoader\AutorunDelayLoader.exe /autostart" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\van la Parra\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\van la Parra\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 
"PAC207_Monitor"="C:\WINDOWS\PixArt\PAC207\Monitor.exe" "WindowsDefender"=""%ProgramFiles%\Windows Defender\MSASCuiL.exe"" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job --a-------- C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_23_0_0_205_pepper.exe [05-11-2016 10:27] C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\Adobe Flash Player PPAPI Notifier" [C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_23_0_0_205_pepper.exe] "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\CreateExplorerShellUnelevatedTask" [C:\WINDOWS\explorer.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-234901561-1536892485-3164044181-1001Core" [C:\Users\van la Parra\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-234901561-1536892485-3164044181-1001UA" [C:\Users\van la Parra\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\id updater task" [C:\Program Files (x86)\Open-EID\ID-updater.exe] "C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task v2" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe] "C:\WINDOWS\SysNative\tasks\Seagate_Install_Launch" [C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe] "C:\WINDOWS\SysNative\tasks\Tweaking.com - Windows Repair Tray Icon" [C:\Program Files 
(x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe] "C:\WINDOWS\SysNative\tasks\USER_ESRV_SVC_QUEENCREEK" ["C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{61F07557-C454-4323-9D8E-E7325EA7A1CB}" [C:\Windows\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\van la Parra" [C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe] "C:\WINDOWS\SysNative\tasks\van la Parra DBAgent 2 0" ["C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe"] "C:\WINDOWS\SysNative\tasks\van la Parra Merge" ["C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe"] "C:\WINDOWS\SysNative\tasks\van la Parra1" [C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe] "C:\WINDOWS\SysNative\tasks\van la Parra1 Merge" ["C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe"] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP 
Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Intel\Intel Telemetry 2" [C:\Program Files\Intel\Telemetry 2.0\lrio.exe] "C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\VANLAP~1\AppData\Roaming\Comodo\IceDragon\Profiles\lbfvr4vl.default user_pref("browser.startup.homepage", "https://www.yahoo.com/?fr=fp-comodo&type=25050004003_id_hp"); user_pref("browser.startup.homepage.default_url", "https://www.yahoo.com/?fr=fp-comodo&type=25050004003_id_hp"); user_pref("browser.search.defaultenginename", "Bing"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{443830f0-1fff-4f9a-aa1e-444bafbc7319}"="C:\Program Files (x86)\Open-EID\\{443830f0-1fff-4f9a-aa1e-444bafbc7319}.xpi" [20-01-2017 10:12] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{443830f0-1fff-4f9a-aa1e-444bafbc7319}"="C:\Program Files (x86)\Open-EID\\{443830f0-1fff-4f9a-aa1e-444bafbc7319}.xpi" [20-01-2017 10:12] ==== Firefox Extensions ====================== ProfilePath: C:\Users\VANLAP~1\AppData\Roaming\Comodo\IceDragon\Profiles\lbfvr4vl.default - COMODO SecureBox - C:\Program Files (x86)\Comodo\IceDragon\browser\features\@csb - DragAndDrop - C:\Program Files (x86)\Comodo\IceDragon\browser\features\DnD@comodo.com - Woordenboek Nederlands - %ProfilePath%\extensions\nl-NL@dictionaries.addons.mozilla.org - PlugIn-Checker - %ProfilePath%\extensions\jid0-c1av474BVPIHcGJfBp3GkhlhAa4@jetpack.xpi - Undetermined - %ProfilePath%\extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi - Emoji Cheatsheet for GitHub Basecamp etc. 
- %ProfilePath%\extensions\jid1-Xo5SuA6qc1DFpw@jetpack.xpi - Undetermined - %ProfilePath%\extensions\{158d7cb3-7039-4a75-8e0b-3bd0a464edd2}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi ProfilePath: C:\Users\VANLAP~1\AppData\Roaming\Mozilla\Firefox\Profiles\yisez0ow.default-1482935430045 - Bitdefender QuickScan - C:\Users\van la Parra\AppData\Roaming\Mozilla\Firefox\Profiles\yisez0ow.default-1482935430045\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} - Woordenboek Nederlands - %ProfilePath%\extensions\nl-NL@dictionaries.addons.mozilla.org - Bitdefender QuickScan - %ProfilePath%\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} - Facebook Disconnect - %ProfilePath%\extensions\jid0-dBgF7UkIiOsWqvBng4hYu@jetpack.xpi - Link Virus Checker: Security Plus - %ProfilePath%\extensions\jid0-DjsrWcAS3Wgq2xyyqqVL8Dqk1Lo@jetpack.xpi - Privacy Settings - %ProfilePath%\extensions\jid1-CKHySAadH4nL6Q@jetpack.xpi - Google Translator - %ProfilePath%\extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi - Beyond Australis - %ProfilePath%\extensions\thefoxonlybetter@quicksaver.xpi - Trafficlight - %ProfilePath%\extensions\trafficlight@bitdefender.com.xpi - Undetermined - %ProfilePath%\extensions\uBlock0@raymondhill.net.xpi - YouTube High Definition - %ProfilePath%\extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\van la Parra\AppData\Roaming\Mozilla\Firefox\Profiles\yisez0ow.default-1482935430045 86BD236BE6DA240730EFD2C8026E5B16 - C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll - Shockwave Flash F9D90EEC96E97411869E120E52B1AE0A - C:\Users\van la Parra\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll - Google Update ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions 
ckjefchnfjhjfedoccjbhjpbncimppeg - No path found[] jkfpchpiljkaemlpmpebnglgkomamfeo - No path found[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions bbjllphbppobebmjpjcijfbakobcheof - No path found[] hcjjaajflhellmcfcecojihhmdbjmmlm - No path found[] Comodo Drag&Drop Service - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo Comodo Web Inspector - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn Comodo Media Downloader - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dihmnpngfonlhjmgkflpnibiaaliendo PriceSuggester - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ejodbgfcaefpfbfgakjpjoppmkgmcpjp Comodo Dragon Browser Light Theme - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kglppafajjeikfgmjjegogphhkjnnmgc Comodo Share Page Service - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf Chrome Web Store Payments - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Google Slides - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf Rapport - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof YouTube - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Token signing - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckjefchnfjhjfedoccjbhjpbncimppeg Google Sheets - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Docs Offline 
- van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Search and New Tab by Yahoo - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjjaajflhellmcfcecojihhmdbjmmlm
HP Network Check Launcher - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo
Chrome Web Store Payments - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Chrome Media Router - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Fix ======================
C:\Users\van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjjaajflhellmcfcecojihhmdbjmmlm deleted successfully

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://nl.yahoo.com/?fr=fp-comodo&type=19_25050030005_52.15.25.663_i_hp"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6B29CF5842DBAB44DBA3EBA49289AE21 deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\hcjjaajflhellmcfcecojihhmdbjmmlm deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{85FC92B6-BD24-44BA-BD3A-BE4A2998EA12} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\6B29CF5842DBAB44DBA3EBA49289AE21 deleted successfully

==== HijackThis Entries ======================
F2 - REG:system.ini: UserInit=
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: EstEIDIEPluginBHO - {2A4E94A4-B275-491A-9E32-CD7A26FC7C3B} - C:\Program Files\Open-EID\esteid-plugin-ie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [G Data ASM] "C:\Program Files (x86)\G DATA\TotalProtection\DelayLoader\AutorunDelayLoader.exe" /autostart
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\van la Parra\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\van la Parra\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: G DATA ANTIVIRUS Proxy (AVKProxy) - G DATA Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
O23 - Service: G DATA Scheduler (AVKService) - G DATA Software AG - C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKService.exe
O23 - Service: G DATA Bestandssysteemmonitor (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKWCtlx64.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Energy Server Service queencreek (ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: G DATA Backup Service (GDBackupSvc) - G DATA Software AG - C:\Program Files (x86)\G DATA\TotalProtection\AVKBackup\AVKBackupService.exe
O23 - Service: G DATA Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFwSvcx64.exe
O23 - Service: G DATA Scanner (GDScan) - G DATA Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
O23 - Service: G DATA Tuner-service (GDTunerSvc) - G DATA Software AG - C:\Program Files (x86)\G DATA\TotalProtection\AVKTuner\AVKTunerService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: COMODO IceDragon Update Service (IceDragonUpdater) - Unknown owner - C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Seagate Dashboard Services - Seagate Technology LLC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
O23 - Service: Seagate MobileBackup Service - Seagate Technology LLC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK (SystemUsageReportSvc_QUEENCREEK) - Unknown owner - C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: G DATA Datasafeservice (TSNxGService) - G DATA Software - C:\Program Files (x86)\G DATA\TotalProtection\TSNxG\TSNxGService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Unchecky - RaMMicHaeL - C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
O23 - Service: User Energy Server Service queencreek (USER_ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\van la Parra\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\van la Parra\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================
C:\Users\van la Parra\AppData\Local\Mozilla\Firefox\Profiles\yisez0ow.default-1482935430045\cache2 emptied successfully

==== Empty Chrome Cache ======================
C:\Users\van la Parra\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully
C:\Users\van la Parra\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
No Flash Cache Found

==== Empty All Java Cache ======================
No Java Cache Found

==== C:\zoek_backup content ======================
C:\zoek_backup (files=154 folders=14 15318836 bytes)

==== Empty Temp Folders ======================
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\VANLAP~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 13-03-2017 at 13:58:29,74 ======================