
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Felicia on za 09-01-2016 at 16:02:16,80.
Microsoft Windows 8.1 6.3.9600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Rotteveel\Downloads\zoek.exe [Scan all users] [Script inserted] 

==== Older Logs ======================

C:\zoek-results2016-01-07-171815.log	38308 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\Popcorn Time\Updater.exe
C:\Program Files (x86)\BlueStacks\HD-Service.exe
C:\Program Files (x86)\BlueStacks\HD-Network.exe
C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\BlueStacksGameManager\BlueStacks.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\BlueStacks\HD-Frontend.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Rotteveel\Downloads\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update service deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 
"MEDIA"=- 

==== Batch Command(s) Run By Tool======================


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 8085 MB
CPU Info: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
CPU Speed: 2656,5 MHz
Sound Card: Luidsprekers (High Definition A | 
Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | Intel(R) HD Graphics Family
Monitors: 1x; Generic PnP Monitor | 
Screen Resolution: 1600 X 900 - 32 bit
Network: Network Present
Network Adapters: Bluetooth-apparaat (Personal Area Network) | Microsoft Wi-Fi Direct Virtual Adapter | Realtek PCIe GBE Family Controller | Qualcomm Atheros AR956x Wireless Network Adapter
CD / DVD Drives: 2x (D: | E: | ) D: HL-DT-STDVDRAM GUC0N     | E:
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C:  911,2GB
Hard Disks - Free: C:  722,1GB
Manufacturer *: LENOVO
BIOS Info: AT/AT COMPATIBLE |  | LENOVO - 1
Time Zone: Centraal-Europa (standaardtijd)
Motherboard *: LENOVO Lenovo G70-70
Country: Nederland 
Language: NLD 

==== System Specs (Software) ======================

AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
Internet Explorer Version: 11.0.9600.18125 
Google Chrome version: 47.0.2526.106
Adobe Reader version: 15.9.20077.160923
Sun Java version: 1.8.0_66 (32-bit) 
Sun Java version: 1.8.0_66 (64-bit) 

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\ROTTEV~1\AppData\Local\Temp ====
====== Java Cache =====
2016-01-07 17:24:08	61C40E5C0BCAC2D6DA0CC20289056DEB	933	----a-w-	C:\Users\Rotteveel\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\3d9bb503-583647e5
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2015-12-12 22:45:29	B2E1A2E7911DF19A2A41156F16982ECC	11131184	----a-w-	C:\Windows\Sysnative\drivers\nvlddmkm.sys
====== C:\Windows\Tasks ======
2016-01-04 11:41:23	FDAAF1BEA736DB99EF77BF7C31235035	3260	----a-w-	C:\Windows\Sysnative\Tasks\Opera N Sunday
2016-01-04 11:41:21	1B35935717C59390F1B469089CDDC3D8	3260	----a-w-	C:\Windows\Sysnative\Tasks\Opera N Saturday
2015-12-23 01:56:54	6D3C5488C4AB75A5C1D30277316DE8AB	3102	----a-w-	C:\Windows\Sysnative\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2038612255-1388990000-560677430-1001
====== C:\Windows\Temp ======
======= C:\Program Files =====
2016-01-07 00:48:53	--------	d-----w-	C:\Program Files\trend micro
2015-12-23 01:59:03	--------	d-----w-	C:\Program Files\Windows Live
2015-12-23 01:38:56	--------	d-----w-	C:\Program Files\Lightworks
======= C:\PROGRA~2 =====
2016-01-08 21:45:50	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
2016-01-04 11:39:28	--------	d-----w-	C:\PROGRA~2\Opera
2015-12-28 10:53:16	--------	d-----w-	C:\PROGRA~2\COMMON~1\Skype
2015-12-23 02:00:14	--------	d-----w-	C:\PROGRA~2\Microsoft SQL Server Compact Edition
2015-12-23 01:58:45	--------	d-----w-	C:\PROGRA~2\Windows Live
2015-12-23 01:55:08	--------	d-----w-	C:\PROGRA~2\COMMON~1\Windows Live
2015-12-22 20:33:10	--------	d-----w-	C:\PROGRA~2\BlueStacks
======= C: =====
====== C:\Users\Rotteveel\AppData\Roaming ======
2016-01-09 00:47:41	--------	d-----w-	C:\Users\Rotteveel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-07 17:16:28	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2016-01-07 17:16:27	--------	d-----w-	C:\Users\Rotteveel\AppData\Local\Temp
2016-01-07 17:16:27	--------	d-----w-	C:\Users\Default\AppData\Local\Temp
2016-01-07 17:16:27	--------	d-----w-	C:\Users\Default User\AppData\Local\Temp
2016-01-04 11:07:43	--------	d-----w-	C:\Users\Rotteveel\AppData\Local\Genymobile
2015-12-23 01:56:18	--------	d-----w-	C:\Users\Rotteveel\AppData\Local\Windows Live
2015-12-22 20:37:22	--------	d-----w-	C:\Users\Rotteveel\AppData\Roaming\Mozilla
2015-12-22 20:24:44	--------	d-----w-	C:\Users\Rotteveel\AppData\Local\Bluestacks
====== C:\Users\Rotteveel ======
2016-01-09 15:11:14	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\winhttp
2016-01-08 20:02:12	81EDCA9D9BFDDB931ED448078762A31A	584288	----a-w-	C:\Users\Rotteveel\Downloads\chromeinstall-8u66.exe
2016-01-07 00:47:40	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Rotteveel\Downloads\RSITx64.exe
2016-01-07 00:40:41	C8F33B42E71E993EBED5F5D7A0368F6E	1749504	----a-w-	C:\Users\Rotteveel\Downloads\adwcleaner_5.028.exe
2016-01-04 22:54:48	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-01-04 12:57:17	--------	d-----w-	C:\Users\Rotteveel\.VirtualBox
2015-12-28 10:53:21	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-23 02:00:35	--------	d-----r-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-12-23 01:56:54	--------	d-----r-	C:\Users\Rotteveel\OneDrive
2015-12-23 01:56:43	--------	d-----w-	C:\ProgramData\Microsoft OneDrive
2015-12-23 01:41:32	--------	d-----w-	C:\Users\Rotteveel\.MCTranscodingSDK
2015-12-23 01:40:57	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks
2015-12-23 01:40:35	--------	d-----w-	C:\ProgramData\Geevs
2015-12-23 01:40:17	--------	d-----w-	C:\Users\Public\Documents\Lightworks
2015-12-22 20:36:45	--------	d-----w-	C:\ProgramData\BlueStacksGameManager
2015-12-22 20:33:10	--------	d-----w-	C:\ProgramData\BlueStacks

====== C: exe-files ==
2016-01-08 21:44:56	D8EEED21B06866E85DA30485F5059FF6	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\servertool.exe
2016-01-08 21:44:56	ADAF1151B29D2D1691FA027B6C55B3D7	50784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssvagent.exe
2016-01-08 21:44:56	73368169BFD965EC6257E77C23CED879	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\rmiregistry.exe
2016-01-08 21:44:56	17A8DD2484DC26E38DFE3209C8B36980	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\policytool.exe
2016-01-08 21:44:56	0B82777B13B81417E5520DF7B1E8C319	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\rmid.exe
2016-01-08 21:44:56	0A3936FE18FC04350159A1E647201501	16480	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\tnameserv.exe
2016-01-08 21:44:56	092F4D3C25F3086D4C7FDEC79DD71302	159328	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\unpack200.exe
2016-01-08 21:44:55	46AB480B01CD30801B3AE89B5AAE75A8	16480	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\orbd.exe
2016-01-08 21:44:55	3B306D41F07396975ECE34A860BD9036	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\pack200.exe
2016-01-08 21:44:54	7BE9BE6E15653824A28F5CED6B273588	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\klist.exe
2016-01-08 21:44:54	525027DF51378DDA25F0F52C20BCB132	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\kinit.exe
2016-01-08 21:44:54	36A44033C6B970F95E2A1448F4481CEA	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\keytool.exe
2016-01-08 21:44:54	28FB06FC63D5817153B5502A49DF3F00	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\ktab.exe
2016-01-08 21:44:53	CA51FB3FE5012E21D9A14AC071527866	76896	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2launcher.exe
2016-01-08 21:44:52	F003BBCB09CACF8A9F4CE0C67A2D6E63	278624	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\javaws.exe
2016-01-08 21:44:52	8977B87AB10AB1DA8769CA0053B401B0	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\jjs.exe
2016-01-08 21:44:52	7BDD7F1BC2A20971DEE17B6920D61BBC	191584	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\javaw.exe
2016-01-08 21:44:51	FDF059C05249FAEA0221ED65CD59A9C8	68192	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\javacpl.exe
2016-01-08 21:44:51	EFC80BC662BCC20B0B09700636FDC732	30816	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\jabswitch.exe
2016-01-08 21:44:51	A9E84AD3536425BC68263B723C2442E4	191072	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\java.exe
2016-01-08 21:44:51	04D67FF5044A605F1E7D923A1D6F1751	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\java-rmi.exe
2016-01-08 20:02:12	81EDCA9D9BFDDB931ED448078762A31A	584288	----a-w-	C:\Users\Rotteveel\Downloads\chromeinstall-8u66.exe
2016-01-07 00:48:53	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Felicia.exe
2016-01-07 00:47:40	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Rotteveel\Downloads\RSITx64.exe
2016-01-07 00:40:41	C8F33B42E71E993EBED5F5D7A0368F6E	1749504	----a-w-	C:\Users\Rotteveel\Downloads\adwcleaner_5.028.exe
2016-01-06 22:35:40	7B9BECE52B9A060B7BEAC6DA1E031086	601768	----a-w-	C:\Users\Rotteveel\AppData\Local\NVIDIA\NvBackend\Packages\000084b4\CoProc update.20313796.exe
=== C: other files ==
2016-01-09 00:47:45	2469EB94047FCA754EE7791EA80CDC43	98843	----a-w-	C:\Users\Rotteveel\AppData\Local\Google\Chrome\User Data\Webstore Downloads\cbjofeljbackknhjcddhpblfahfnfnpn_5586.crx
2016-01-08 22:41:33	58FAC95AD7099B9E0FE1CD9B5F0A2340	566638	----a-w-	C:\Users\Rotteveel\AppData\Local\Google\Chrome\User Data\Webstore Downloads\cfhdojbkjhnklbpkdaibdccddilifddb_61601.crx
2016-01-08 21:44:59	4DB4B1F67E583B41F841F48254BE38E3	14130	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\lib\deploy\ffjcext.zip
2016-01-08 20:41:22	1122ADE62FEA5829C66649C31A213D31	844917	----a-w-	C:\Users\Rotteveel\AppData\Local\Google\Chrome\User Data\Webstore Downloads\gighmmpiobklfepjocnamgkkbiglidom_4486.crx
2016-01-06 15:16:51	596A894B2FE82A7CC95E1A3C7683C978	531	----a-w-	C:\ProgramData\BlueStacks\UserData\TileData\000013\Launcher.vbs
2016-01-06 02:43:30	776EF74E18382D1C07A053EB0DB6A227	7899150	----a-w-	C:\Users\Rotteveel\Downloads\1168515.zip
2016-01-04 23:13:56	596A894B2FE82A7CC95E1A3C7683C978	531	----a-w-	C:\ProgramData\BlueStacks\UserData\TileData\000012\Launcher.vbs
2016-01-04 14:03:53	596A894B2FE82A7CC95E1A3C7683C978	531	----a-w-	C:\ProgramData\BlueStacks\UserData\TileData\000011\Launcher.vbs
2016-01-04 12:41:22	207B2F71186EA2BA4CC0344866A27168	546	----a-w-	C:\ProgramData\BlueStacks\UserData\TileData\000010\Launcher.vbs
2016-01-04 12:41:06	BFE773D9E21E08F1CCFD26081947AB0E	524	----a-w-	C:\ProgramData\BlueStacks\UserData\TileData\000009\Launcher.vbs

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2038612255-1388990000-560677430-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"GoogleChromeAutoLaunch_3913EB01BF159354E0EB034B2595134E"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"IMSS"="C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE -startup"
"BlueStacks Agent"="C:\Program Files (x86)\BlueStacks\HD-Agent.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"MEDIA"="C:\Users\Rotteveel\AppData\Local\Temp\in71125248\085F01E9_stp.EXE"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"GoogleChromeAutoLaunch_3913EB01BF159354E0EB034B2595134E"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LenovoOptMouseUpdate"="C:\Program Files\Lenovo\HOTKEY\extapsup.exe"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"Classic Start Menu"="C:\Program Files\Classic Shell\ClassicStartMenu.exe -autorun"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BstHdAndroidSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BstHdLogRotatorSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BstHdUpdaterSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\cphs]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\GfExperienceService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IBMPMSVC]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Intel(R) Capability Licensing Service Interface]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Intel(R) Capability Licensing Service TCP IP Interface]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Intel(R) ME Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\intelsba]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\jhi_service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Lenovo System Agent Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Lenovo.VIRTSCRLSVC]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\LMS]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MBAMService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NvNetworkService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NvStreamSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\nvsvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Origin Client Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\QuickControlMasterSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\QuickControlService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SUService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TeamViewer]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TPHKLOAD]


==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02-06-2015 12:26]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02-06-2015 12:26]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\AVFramework-TaskStartUserServer32-1S" ["C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe"]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Opera N Saturday" [C:\Program Files (x86)\Opera\launcher.exe]
"C:\Windows\SysNative\tasks\Opera N Sunday" [C:\Program Files (x86)\Opera\launcher.exe]
"C:\Windows\SysNative\tasks\Synaptics TouchPad Enhancements" ["C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{918859EA-8BA2-4CDC-BF1A-FBCF276F93F9}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\Intel(R) Small Business Advantage\Start SBA" [net]
"C:\Windows\SysNative\tasks\Lenovo\Dependency Package Auto Update" [C:\Program Files\Lenovo\iMController\AutoUpdate.exe]
"C:\Windows\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program" ["%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"]
"C:\Windows\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program 64" ["%ProgramFiles(x86)%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"]
"C:\Windows\SysNative\tasks\TVT\TVSUUpdateTask" ["C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe"]

==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86


Norton Identity Safe - Rotteveel\AppData\Local\Chromium\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif
Norton Security Toolbar - Rotteveel\AppData\Local\Chromium\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Google Wallet - Rotteveel\AppData\Local\Chromium\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
AdBlock - Rotteveel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Pin It Button - Rotteveel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic
TweetDeck by Twitter - Rotteveel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl
Hello Melody NI - Rotteveel\AppData\Local\Google\Chrome\User Data\Default\Extensions\naingjackpbfaahcplilfjphfmoajppb
Chrome Web Store Payments - Rotteveel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chromium Fix ======================

C:\Users\Rotteveel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage deleted successfully
C:\Users\Rotteveel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage-journal deleted successfully
C:\Users\Rotteveel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Rotteveel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Rotteveel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Rotteveel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{65153595-6451-42D8-871A-293833DF2BB2}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-fd9a26fb&q={searchTerms}
HKLM\SearchScopes\{fcd9f10e-0daa-405f-bca0-0dd3f37c59d9} - No_Url_Value
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\ielnksrch - http://www.bing.com/search?q={searchTerms}
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value
HKLM\Wow6432Node\SearchScopes\{65153595-6451-42D8-871A-293833DF2BB2} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LNJB
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}
HKCU\SearchScopes\{ielnksrch} - http://www.bing.com/search?q={searchTerms}

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [AmIcoSinglun64] "C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_3913EB01BF159354E0EB034B2595134E] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Rotteveel\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Rotteveel\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Rotteveel\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Rotteveel\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Rotteveel\AppData\Local\Chromium\User Data\Default\Cache emptied successfully
C:\Users\Rotteveel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=5654 folders=141 472381412 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Rotteveel\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\ROTTEV~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found

==== EOF on za 09-01-2016 at 16:32:14,16 ======================