Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Hans007 on do 07/01/2016 at 14:58:49,31. Microsoft Windows 10 Home 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Hans007\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 7/01/2016 15:01:08 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\TweakBit deleted successfully C:\PROGRA~2\COMMON~1\Apple deleted successfully C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\Users\Hans007\AppData\Local\ActiveSync deleted successfully C:\Users\Hans007\AppData\Local\NetworkTiles deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Avast Premier Google Chrome Google Update Helper NVIDIA-configuratiescherm 353.62 NVIDIA Install Application Realtek High Definition Audio Driver SafeZone Stable 1.46.1990.139 ==== Running Processes ====================== C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files\AVAST Software\Avast\afwServ.exe C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe C:\Users\Hans007\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Users\Hans007\Downloads\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\TweakBit not found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 4049 MB CPU Info: Intel(R) Pentium(R) CPU G3240 @ 3.10GHz CPU Speed: 3176,8 MHz Sound Card: Luidsprekers (Realtek High Defi 
| Display Adapters: NVIDIA GeForce GTX 750 | NVIDIA GeForce GTX 750 | NVIDIA GeForce GTX 750 Monitors: 1x; SyncMaster P2370(G)/P23700(G),Magic P2370G(Digital) | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Realtek PCIe GBE Family Controller | Realtek RTL8188CU Wireless LAN 802.11n USB 2.0 Network Adapter | Microsoft Wi-Fi Direct Virtual Adapter CD / DVD Drives: 1x (F: | ) F: TSSTcorpCDDVDW SH-216DB Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 869,4GB | D: 60,0GB Hard Disks - Free: C: 814,8GB | D: 43,1GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | | MEDION - 1072009 Time Zone: Romance (standaardtijd) Motherboard *: MEDION H81H3-EM2 Country: België Language: NLB ==== System Specs (Software) ====================== Internet Explorer Version: 11.20.10586.0 Google Chrome version: 47.0.2526.106 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2016-01-06 21:25:22 748D1F5A0495A1AA9D44FB51B4C13271 43112 ----a-w- C:\WINDOWS\avastSS.scr 2015-12-15 03:24:17 E3932E271A55B437139CFF08D83D5ACF 67584 --s-a-w- C:\WINDOWS\bootstat.dat 2015-12-15 02:30:41 692CA5EBC9E0CEF0A8D0BE4DF7400CEE 9528 ----a-w- C:\WINDOWS\diagwrn.xml 2015-12-15 02:30:41 692CA5EBC9E0CEF0A8D0BE4DF7400CEE 9528 ----a-w- C:\WINDOWS\diagerr.xml ====== C:\Users\Hans007\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2016-01-06 21:51:01 C514A8F4AC22AFAFE54B7CA515BBEAE2 386096 ----a-w- C:\WINDOWS\Sysnative\aswBoot.exe ====== C:\WINDOWS\Sysnative\drivers ===== 2016-01-06 21:25:11 E017E15F8EFD7675976743A8FBECCEBB 466400 ----a-w- C:\WINDOWS\Sysnative\drivers\aswNdisFlt.sys 2015-12-15 03:25:39 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2015-12-15 02:45:32 EFEFC245B884B1BE0401931398DCD707 2152800 
----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys 2015-12-15 02:45:32 91D3F2A6253EF83EFBD7903028F58C4D 118624 ----a-w- C:\WINDOWS\Sysnative\drivers\tdx.sys 2015-12-15 02:45:32 70148EFA9A562E7185B75BBE7D376BF7 578912 ----a-w- C:\WINDOWS\Sysnative\drivers\afd.sys 2015-12-15 02:45:29 DBBACE77DDE8CCFD85B37B114965C385 147968 ----a-w- C:\WINDOWS\Sysnative\drivers\rmcast.sys 2015-12-15 02:45:26 EF536C54AB9281FDC4E83B07279FCFC4 35680 ----a-w- C:\WINDOWS\Sysnative\drivers\wimmount.sys 2015-12-15 02:45:26 DE6D7DC78D956928F59F7415A0F41E13 95072 ----a-w- C:\WINDOWS\Sysnative\drivers\sdstor.sys 2015-12-15 02:45:26 C24C27FDF93B85A4EFCF25F830253AA2 117248 ----a-w- C:\WINDOWS\Sysnative\drivers\capimg.sys 2015-12-15 02:45:26 80977779A19947939D680A4899E829EC 604928 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys 2015-12-15 02:45:26 7D8B9214692C4D0F1646215D9984E19A 161632 ----a-w- C:\WINDOWS\Sysnative\drivers\ksecpkg.sys ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-01-07 11:49:43 -------- d-----w- C:\Program Files\trend micro 2015-12-15 03:26:17 -------- d-----w- C:\Program Files\NVIDIA Corporation 2015-12-15 03:25:48 -------- d-----w- C:\Program Files\Realtek 2015-12-15 02:41:41 -------- d-----w- C:\Program Files\Reference Assemblies 2015-12-15 02:41:41 -------- d-----w- C:\Program Files\MSBuild ======= C:\PROGRA~2 ===== 2015-12-15 03:26:33 -------- d--h--w- C:\PROGRA~2\Uninstall Information 2015-12-15 03:26:17 -------- d-----w- C:\PROGRA~2\NVIDIA Corporation 2015-12-15 02:41:41 -------- d-----w- C:\PROGRA~2\Reference Assemblies 2015-12-15 02:41:41 -------- d-----w- C:\PROGRA~2\MSBuild ======= C: ===== ====== C:\Users\Hans007\AppData\Roaming ====== 2016-01-06 21:04:25 -------- d-----w- C:\Users\Hans007\AppData\Local\Programs 2015-12-28 19:47:09 -------- d-----w- C:\Users\Hans007\AppData\Local\Apple Computer 2015-12-28 19:45:50 -------- d-----w- C:\Users\Hans007\AppData\Local\Apple 2015-12-15 15:52:50 -------- d-----w- 
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\DataSharing 2015-12-15 03:40:05 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Packages 2015-12-15 03:28:46 -------- d-s---r- C:\Users\Hans007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2015-12-15 03:28:46 -------- d-----w- C:\Users\Hans007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-12-15 03:28:46 -------- d-----w- C:\Users\Hans007\AppData\Roaming 2015-12-15 03:28:46 -------- d-----w- C:\Users\Hans007\AppData\Local\Temp 2015-12-15 03:28:46 -------- d-----w- C:\Users\Hans007\AppData\Local\Microsoft 2015-12-15 03:28:46 -------- d-----w- C:\Users\Hans007\AppData\Local 2015-12-15 03:28:46 -------- d-----r- C:\Users\Hans007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-12-15 03:28:46 -------- d-----r- C:\Users\Hans007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-12-15 03:28:46 -------- d-----r- C:\Users\Hans007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-12-15 03:28:46 -------- d-----r- C:\Users\Hans007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs 2015-12-15 03:26:31 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft 2015-12-15 03:23:40 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache 2015-12-15 03:23:19 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming 2015-12-15 03:23:19 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp 2015-12-15 03:23:15 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming 2015-12-15 03:23:15 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp 2015-12-15 03:23:15 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Microsoft 2015-12-15 03:23:15 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local 2015-12-15 02:43:28 
-------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft ====== C:\Users\Hans007 ====== 2016-01-07 11:49:25 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Hans007\Downloads\RSITx64 (1).exe 2016-01-07 11:49:09 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Hans007\Downloads\RSITx64.exe 2016-01-06 21:04:32 -------- d-----w- C:\ProgramData\TweakBit 2016-01-06 21:04:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit 2016-01-06 21:04:09 27C171D6361A52068016B9813BBB8646 412304 ----a-w- C:\Users\Hans007\Downloads\fix_Powershell-setup.exe 2015-12-28 19:46:34 -------- d-----w- C:\ProgramData\Apple Computer 2015-12-28 19:45:17 -------- d-----w- C:\ProgramData\Apple 2015-12-28 19:44:01 9AD218BEB93F936F3046A5615CC058A5 167583000 ----a-w- C:\Users\Hans007\Downloads\iTunes6464Setup.exe 2015-12-15 07:11:25 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Hans007\ntuser.ini 2015-12-15 03:28:46 -------- d--h--w- C:\Users\Hans007\AppData 2015-12-15 03:26:39 -------- d-----w- C:\ProgramData\NVIDIA 2015-12-15 03:26:24 -------- d-----w- C:\ProgramData\NVIDIA Corporation 2015-12-15 03:26:12 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\ProgramData\DP45977C.lfl 2015-12-15 03:23:43 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp 2015-12-15 03:23:19 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\Saved Games 2015-12-15 03:23:19 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Videos 2015-12-15 03:23:19 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Pictures 2015-12-15 03:23:19 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Music 2015-12-15 03:23:19 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Links 2015-12-15 03:23:19 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Favorites 2015-12-15 03:23:19 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Downloads 2015-12-15 03:23:19 -------- d-----r- 
C:\WINDOWS\serviceprofiles\Localservice\Documents 2015-12-15 03:23:19 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Desktop 2015-12-15 03:23:15 -------- d--h--w- C:\WINDOWS\serviceprofiles\networkservice\AppData 2015-12-15 03:23:15 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\Saved Games 2015-12-15 03:23:15 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Videos 2015-12-15 03:23:15 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Pictures 2015-12-15 03:23:15 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Music 2015-12-15 03:23:15 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Links 2015-12-15 03:23:15 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Favorites 2015-12-15 03:23:15 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Downloads 2015-12-15 03:23:15 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Documents 2015-12-15 03:23:15 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Desktop ====== C: exe-files == 2016-01-07 11:49:43 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Hans007.exe 2016-01-07 11:49:25 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Hans007\Downloads\RSITx64 (1).exe 2016-01-07 11:49:09 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Hans007\Downloads\RSITx64.exe 2016-01-07 11:28:55 8DFED19F9FAE2F3592BA37979E129B60 43464 ----a-w- C:\Users\Hans007\AppData\Local\Temp\_Del__iu14D2N\GASender.exe 2016-01-07 11:28:49 DD4DF03E33B0E9A2D390CBE43295876F 43464 ----a-w- C:\Users\Hans007\AppData\Local\Temp\_Del_FixMyPC\GASender.exe 2016-01-06 21:51:01 C514A8F4AC22AFAFE54B7CA515BBEAE2 386096 ----a-w- C:\Windows\System32\aswBoot.exe 2016-01-06 21:10:52 4E95AB8BEB2C8FD53B348EF4AD5121C5 149184 ----a-w- C:\Users\Hans007\AppData\Local\Temp\0F53D7F6-A140-430B-A66B-6228EB62DF87\DismHost.exe 2016-01-06 21:05:56 B4656E85333FED69FD85761FDCE8B5D8 1484104 ----a-w- 
C:\Users\Hans007\AppData\Local\Google\Chrome\User Data\SwReporter\5.39.1\software_reporter_tool.exe 2016-01-06 21:04:47 8DFED19F9FAE2F3592BA37979E129B60 43464 ----a-w- C:\Users\Hans007\AppData\Local\Temp\_Del_pc-cleaner-setup\GASender.exe 2016-01-06 21:04:34 CD73CBFBC89DFED49C23C36067DAA430 8309632 ----a-w- C:\Users\Hans007\AppData\Local\Temp\pc-cleaner-setup.exe 2016-01-06 21:04:33 DD4DF03E33B0E9A2D390CBE43295876F 43464 ----a-w- C:\Users\Hans007\AppData\Local\Temp\_Del_2AC02BED-480E-4564-9122-78206DF1326C_fixmypc_setup\GASender.exe 2016-01-06 21:04:09 27C171D6361A52068016B9813BBB8646 412304 ----a-w- C:\Users\Hans007\Downloads\fix_Powershell-setup.exe === C: other files == 2016-01-06 21:25:11 E017E15F8EFD7675976743A8FBECCEBB 466400 ----a-w- C:\Windows\System32\drivers\aswNdisFlt.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-3026035482-1663455741-4292464263-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\Hans007\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\Hans007\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [17/11/2015 19:02] 
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [17/11/2015 19:02] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\SafeZone scheduled Autoupdate 1447783102" [C:\Program Files\AVAST Software\SZBrowser\launcher.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{9FFB11D5-CE90-48EA-ABE5-1E3893F3D823}" [C:\WINDOWS\system32\msfeedssync.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [06/01/2016 22:53] ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[17/11/2015 18:34] Google Slides - Hans007\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Hans007\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Hans007\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Hans007\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Hans007\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Docs Offline - Hans007\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Avast Online Security - Hans007\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Chrome Web Store Payments - 
Hans007\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Hans007\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.nieuwsblad.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.nieuwsblad.be/" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit= O2 - BHO: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKCU\..\Run: [OneDrive] "C:\Users\Hans007\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - 
C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hans007\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Hans007\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Hans007\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Hans007\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully 
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Hans007\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1 folders=0 141 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Hans007\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on do 07/01/2016 at 15:23:47,53 ======================