Zoek.exe v5.0.0.1 Updated 15-November-2015 Tool run by Marti on ma 16-11-2015 at 13:30:30,68. Microsoft Windows 10 Home 10.0.10240 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Marti\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 16-11-2015 13:34:17 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully C:\Users\Marti\AppData\Local\EmieSiteList deleted successfully C:\Users\Marti\AppData\Local\EmieUserList deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== ®The Walking Dead¯ 1.0.0.23 Adobe Reader XI (11.0.13) - Nederlands Adobe Refresh Manager Age of Empires II HD (c) Microsoft Studios version 1 Basissoftware voor HP Deskjet 3050 J610 series DAEMON Tools Lite Dell Resource CD Dropbox f.lux FIFA 14 Google Chrome Google Update Helper HP Deskjet 3050 J610 series Haelp HP Update Intel(R) Rapid Storage Technology Iomega Encryption Java 8 Update 60 Java 8 Update 65 Java Auto Updater Logitech SetPoint 6.67 Malwarebytes Anti-Malware versie 2.2.0.1024 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.5.2 (NLD) Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64) Microsoft Office 365 ProPlus - nl-nl Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Moto Racer Collection Office 15 Click-to-Run Extensibility Component Office 15 Click-to-Run Licensing Component Office 15 Click-to-Run Localization Component Origin paint.net Panda Devices Agent Panda Free Antivirus RemoteComms External Disk Access RollerCoaster Tycoon 2 Triple Thrill Pack SkypeT 7.5 SpeedFan (remove only) Spotify Steam System Requirements Lab The Long Dark v0.200 The Stanley Parable VLC media player Vuze WinRAR 5.20 (64-bit) Worms Reloaded ==== Running Processes ====================== C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Users\Marti\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe C:\Users\Marti\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\Microsoft Office 15\Root\Office15\GROOVE.EXE C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Users\Marti\Desktop\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\SystemRequirementsLab deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\WINDOWS\RAVTC.TMP deleted C:\WINDOWS\Syswow64\GroupPolicy\Machine deleted C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 4093 MB CPU Info: Intel(R) Core(TM)2 Duo CPU P7450 @ 2.13GHz CPU Speed: 2136,6 MHz Sound Card: Luidsprekers (High Definition A | Display Adapters: ATI Mobility Radeon HD 4300 Series | ATI Mobility Radeon HD 4300 Series Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Realtek RTL8188CU Wireless LAN 802.11n USB 2.0 Network Adapter | Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller | Intel(R) WiFi Link 5100 AGN | Microsoft Wi-Fi Direct Virtual Adapter CD / DVD Drives: 1x (D: | ) D: Optiarc DVD+-RW AD-7560S Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 2 Button Mouse Present Hard Disks: C: 465,8GB Hard Disks - Free: C: 266,6GB Manufacturer *: Dell Inc. BIOS Info: AT/AT COMPATIBLE | 07/17/09 | Phoenix ROM BIOS PLUS Version 1.10 A10 Time Zone: West-Europa (standaardtijd) Motherboard *: Dell Inc. 0G437N Country: Nederland Language: NLD ==== System Specs (Software) ====================== Default Browser: Google Chrome 46.0.2490.86 Internet Explorer Version: 11.0.10240.16431 Google Chrome version: 46.0.2490.86 Adobe Reader version: 11.0.13.17 Sun Java version: 1.8.0_65 (32-bit) Sun Java version: 1.8.0_65 (64-bit) ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\Users\Marti\AppData\Local\Temp ==== ====== Java Cache ===== 2015-11-03 20:17:59 3F9BEFAEFCFACF96CD8670927332AD72 428 ----a-w- C:\Users\Marti\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-78e96a5ccf5c5b6a29dcdffe1d16c989d010904d54059e7b28aad8dacf6a56c9-6.0.lap 2015-11-03 20:17:58 4F85459CEC4F78A3987FFFD5B6A816C5 605 ----a-w- C:\Users\Marti\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-7d917262 2015-11-03 20:17:59 C9588417B10E1D770E3E5DA1F3510AE5 8425 ----a-w- C:\Users\Marti\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\298d42d-3a2c36ae 2015-11-03 20:18:02 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Marti\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\c8dc66e-5d70c9b5 ====== C:\WINDOWS\SysWOW64 ===== ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2015-11-16 11:37:00 C4D2C62EEF4471F0DD01B27A3DFCE346 16148 ----a-w- C:\WINDOWS\Sysnative\PC_VAN_MARTIN_Marti_HistoryPrediction.bin ====== C:\WINDOWS\Sysnative\drivers ===== 2015-11-16 10:56:44 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys 2015-11-16 10:56:15 CFBC6C6D8A492697CABD1D353EE64933 25816 ----a-w- C:\WINDOWS\Sysnative\drivers\mbam.sys 2015-11-16 10:56:15 42B3F5C9FBC9B3F0E0BA6B5D7FC8E849 109272 ----a-w- C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys 2015-11-16 10:56:15 08DECFCB9BA97786165A69AB1015BC30 64216 ----a-w- C:\WINDOWS\Sysnative\drivers\mwac.sys 2015-11-01 12:50:35 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_User_wpdcomp_01_11_00.Wdf 2015-11-01 12:50:34 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2015-11-03 20:15:05 -------- d-----w- C:\PROGRA~2\COMMON~1\Java ======= C: ===== ====== C:\Users\Marti\AppData\Roaming ====== 2015-11-16 10:55:35 -------- d-----w- C:\Users\Marti\AppData\Local\Programs 2015-11-10 14:30:45 -------- d-----w- C:\Users\Marti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox ====== C:\Users\Marti ====== 2015-11-16 11:18:29 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Marti\Downloads\RSITx64.exe 2015-11-16 10:54:19 49E3825ACB348F848D9B841E4D48FD3B 22908888 ----a-w- C:\Users\Marti\Downloads\mbam-setup-2.2.0.1024.exe 2015-11-16 10:51:05 3BC8A1F156BCB1EBB190418FCDA4739D 1732096 ----a-w- C:\Users\Marti\Downloads\adwcleaner_5.021.exe ====== C: exe-files == 2015-11-16 11:18:29 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Marti\Downloads\RSITx64.exe 2015-11-16 10:54:19 49E3825ACB348F848D9B841E4D48FD3B 22908888 ----a-w- C:\Users\Marti\Downloads\mbam-setup-2.2.0.1024.exe 2015-11-16 10:51:05 3BC8A1F156BCB1EBB190418FCDA4739D 1732096 ----a-w- C:\Users\Marti\Downloads\adwcleaner_5.021.exe 2015-11-15 16:26:06 0E771375445E13429E68CAE720A48B72 35224 ----a-w- C:\Users\Marti\AppData\Local\Temp\i4jdel0.exe 2015-11-12 14:32:44 1B16795D3CB7A9FAA3FC41C56EF2966D 149184 ----a-w- C:\Users\Marti\AppData\Local\Temp\4A9A7ED1-0E41-4297-8051-D55A5E81E74F\DismHost.exe 2015-11-12 14:04:09 1B16795D3CB7A9FAA3FC41C56EF2966D 149184 ----a-w- C:\Users\Marti\AppData\Local\Temp\F101337C-CFD4-46E1-9834-2399DAF7050E\DismHost.exe 2015-11-11 20:41:57 1B16795D3CB7A9FAA3FC41C56EF2966D 149184 ----a-w- C:\Users\Marti\AppData\Local\Temp\09456787-058B-4E36-A350-16542A4F1CD9\DismHost.exe 2015-11-11 19:32:39 F4146736CFD035154A089BC0DD81E1D0 970832 ----a-w- C:\Program Files (x86)\Google\Update\Install\{466F456D-3A38-4EEE-9EA8-1B7FCE8AFB0B}\46.0.2490.86_46.0.2490.80_chrome_updater.exe 2015-11-11 19:32:39 F4146736CFD035154A089BC0DD81E1D0 970832 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\46.0.2490.86\46.0.2490.86_46.0.2490.80_chrome_updater.exe 2015-11-10 14:28:59 444FA76FF057D88FC8DC80EA8F5F40CC 50771544 ----a-w- C:\Users\Marti\AppData\Local\Dropbox\Update\Download\{CC46080E-4C33-4981-859A-BBA2F780F31E}\3.10.11\DropboxClient_3.10.11.exe === C: other files == 2015-11-16 10:56:44 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2015-11-16 10:56:15 CFBC6C6D8A492697CABD1D353EE64933 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys 2015-11-16 10:56:15 42B3F5C9FBC9B3F0E0BA6B5D7FC8E849 109272 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2015-11-16 10:56:15 08DECFCB9BA97786165A69AB1015BC30 64216 ----a-w- C:\Windows\System32\drivers\mwac.sys 2015-11-15 17:57:53 E8CE907042DD6C6FC13E3666884D6398 30721 ----a-w- C:\Users\Marti\Downloads\inside.out.(2015).dut.1cd.(6364051).zip 2015-11-11 19:13:38 C875B6BF10791844E27A99F54E71E38E 8173 ----a-w- C:\Users\Marti\Documents\Documenten\Martin\tr-info_13454760_20151111191327_CSV.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-1617728351-3029463369-2982614091-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Marti\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun" "f.lux"="C:\Users\Marti\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" "Dropbox Update"="C:\Users\Marti\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c" "OneDrive"="C:\Users\Marti\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" [HKEY_USERS\S-1-5-21-1617728351-3029463369-2982614091-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Marti\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Marti\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PSUAMain"="C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe /LaunchSysTray" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Marti\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun" "f.lux"="C:\Users\Marti\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" "Dropbox Update"="C:\Users\Marti\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c" "OneDrive"="C:\Users\Marti\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Marti\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Marti\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" "EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [24-09-2015 13:52] C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-1617728351-3029463369-2982614091-1000Core.job --a-------- C:\Users\Marti\AppData\Local\Dropbox\Update\DropboxUpdate.exe [14-07-2015 11:28] C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-1617728351-3029463369-2982614091-1000UA.job --a-------- C:\Users\Marti\AppData\Local\Dropbox\Update\DropboxUpdate.exe [14-07-2015 11:28] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [13-02-2015 12:04] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [13-02-2015 12:04] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-1617728351-3029463369-2982614091-1000Core" [C:\Users\Marti\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-1617728351-3029463369-2982614091-1000UA" [C:\Users\Marti\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{F003DA68-8256-4b37-A6C4-350FA04494DF}"="C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt" [30-09-2015 16:15] ==== Chromium Look ====================== Google Slides - Marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek CookiesOK - Marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\afmkbjoakcacgljcdccofbffloabfbni Google Docs - Marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf MEGA - Marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod YouTube - Marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - Marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Docs Offline - Marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Vertalen.nu - Marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\giapagjeblcapfphboclikepoeelhgkj AdBlock - Marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Chrome Web Store Payments - Marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 ==== Reset Google Chrome ====================== C:\Users\Marti\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Marti\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Marti\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Marti\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit= O1 - Hosts: ::1 localhost O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Marti\AppData\Roaming\Spotify\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [f.lux] "C:\Users\Marti\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Marti\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c O4 - HKCU\..\Run: [OneDrive] "C:\Users\Marti\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Marti\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Marti\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64" O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = Marti\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: OneDrive voor Bedrijven.lnk = C:\Program Files\Microsoft Office 15\root\office15\GROOVE.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing) O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing) O23 - Service: Panda Protection Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Marti\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Marti\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Marti\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Marti\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Marti\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1002 folders=203 203968021 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Marti\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on ma 16-11-2015 at 14:12:12,14 ======================