Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by pieter on wo 02/03/2016 at 18:00:54,27. Microsoft Windows 10 Home 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\pieter\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 2/03/2016 18:02:47 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\CES EduPack 2014 deleted successfully C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\R.G. Mechanics deleted successfully C:\PROGRA~2\Rockstar Games deleted successfully C:\Program Files\log deleted successfully C:\Program Files\Pixum deleted successfully C:\Program Files\Rockstar Games deleted successfully C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\PCSettings deleted successfully C:\PROGRA~3\SimaProLicense deleted successfully C:\Users\pieter\AppData\Local\ActiveSync deleted successfully C:\Users\pieter\AppData\Local\EmieSiteList deleted successfully C:\Users\pieter\AppData\Local\EmieUserList deleted successfully C:\Users\pieter\AppData\Local\NetworkTiles deleted successfully C:\Users\ruben\AppData\Local\ActiveSync deleted successfully C:\Users\ruben\AppData\Local\NetworkTiles deleted successfully C:\Users\ruben\AppData\Local\PackageStaging deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2955392916-74002602-258459102-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9a102985-b4d1-4c2a-83b5-38a8960a107c} deleted successfully HKEY_USERS\S-1-5-21-2955392916-74002602-258459102-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9a102985-b4d1-4c2a-83b5-38a8960a107c} deleted successfully HKEY_USERS\S-1-5-21-2955392916-74002602-258459102-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_USERS\S-1-5-21-2955392916-74002602-258459102-1002\SOFTWARE\Microsoft\Internet 
Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5081D2D4-1637-404c-B74F-50526718257D} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5081D2D4-1637-404c-B74F-50526718257D} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9a102985-b4d1-4c2a-83b5-38a8960a107c} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9a102985-b4d1-4c2a-83b5-38a8960a107c} deleted successfully HKEY_CLASSES_ROOT\CLSID\{9a102985-b4d1-4c2a-83b5-38a8960a107c} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9a102985-b4d1-4c2a-83b5-38a8960a107c} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{5081D2D4-1637-404c-B74F-50526718257D} deleted successfully HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{5081D2D4-1637-404c-B74F-50526718257D} deleted successfully ==== Installed Programs ====================== Tools for .Net 3.5 64 Bit HP CIO Components Installer Adobe Acrobat Reader DC - Nederlands Adobe Flash Player 20 NPAPI Adobe Refresh Manager Adobe Shockwave Player 12.2 Age of Empires III - Complete Collection Albelli.be Fotoboeken AVS Audio Converter 7.2 AzureTools.Notifications Behaviors SDK (XAML) for Visual Studio Belgium e-ID middleware 4.1.7 (build 1666) Bitdefender Agent BitTorrent Blend for Visual Studio 2013 Blend for Visual Studio 
2013 ENU resources Blend for Visual Studio SDK for .NET 4.5 Blend for Visual Studio SDK for Silverlight 5 Build Tools - amd64 Build Tools - x86 Build Tools Language Resources - amd64 Build Tools Language Resources - x86 CCleaner Cities Skylines Command & Conquer™ Red Alert 2 and Yuri's Revenge De Sims™ 4 De Sims™ 4 Creëer-een-Sim Demo Definition Update for Microsoft Office 2013 (KB3114731) 64-Bit Edition Dotfuscator and Analytics Community Edition eID Chrome Middleware ELAN Touchpad 15.13.1.1_X64_WHQL Entity Framework Tools for Visual Studio 2013 Garmin BaseCamp Garmin Communicator Plugin Garmin Communicator Plugin x64 Garmin TOPO Benelux PRO Garmin USB Drivers Google Drive Google Earth Google Earth Plug-in Google Update Helper Governor of Poker 2 HD Tune Pro 5.50 IIS 8.0 Express IIS Express Application Compatibility Database for x64 IIS Express Application Compatibility Database for x86 Intel(R) Management Engine Components Intel(R) Processor Graphics Intel(R) Rapid Storage Technology Intel® Trusted Connect Service Client Java 8 Update 73 Java Auto Updater JavaScript Tooling KB9X Radio Switch Driver LocalESPC Dev12 LocalESPCui for en-us Dev12 MergeModule_x86 Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft .NET Framework 4.5 Multi-Targeting Pack Microsoft .NET Framework 4.5 SDK Microsoft .NET Framework 4.5.1 Multi-Targeting Pack Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (ENU) Microsoft .NET Framework 4.5.1 SDK Microsoft Advertising SDK for Windows 8.1 - ENU Microsoft Advertising Service Extension for Visual Studio Microsoft ASP.NET MVC 4 - Visual Studio 2013 - ENU Microsoft ASP.NET MVC 4 Runtime Microsoft ASP.NET Web Frameworks and Tools - Visual Studio 2013 - ENU Microsoft ASP.NET Web Pages 2 - Visual Studio 2013 - ENU Microsoft ASP.NET Web Pages 2 Runtime Microsoft C++ Azure Mobile 
SDK for Visual Studio 2013 Microsoft C++ REST SDK for Visual Studio 2013 Microsoft Exchange Web Services Managed API 2.0 Microsoft Expression Blend SDK for .NET 4 Microsoft Help Viewer 2.1 Microsoft Identity Extensions Microsoft LightSwitch for Visual Studio 2013 Core Microsoft LightSwitch for Visual Studio 2013 CoreRes - ENU Microsoft LightSwitch for Visual Studio 2013 v4.0 Tools Microsoft LightSwitch for Visual Studio 2013 v4.0 ToolsRes - ENU Microsoft LightSwitch v4.0 SDK Microsoft NuGet - Visual Studio 2013 Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64) - ENU Language Pack Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64) Microsoft Office 32-bit Components 2013 Microsoft Office 365 ProPlus - nl-nl Microsoft Office OSM MUI (English) 2013 Microsoft Office Proofing (English) 2013 Microsoft Office Proofing Tools 2013 - English Microsoft Office Proofing Tools 2013 - Español Microsoft Office Shared 32-bit MUI (English) 2013 Microsoft Office Shared MUI (English) 2013 Microsoft Office Shared Setup Metadata MUI (English) 2013 Microsoft Portable Library Multi-Targeting Pack Microsoft Portable Library Multi-Targeting Pack Language Pack - enu Microsoft Report Viewer Add-On for Visual Studio 2013 Microsoft ReportViewer 2010 SP1 Redistributable (KB2549864) Microsoft SharePoint 2013 Developer Tools for Visual Studio Microsoft SharePoint 2013 Developer Tools for Visual Studio 2012 Nuget Package Microsoft SharePoint 2013 Developer Tools for Visual Studio ENU Language Pack Microsoft Silverlight Microsoft Silverlight 5 SDK Microsoft SQL Server 2012 Command Line Utilities Microsoft SQL Server 2012 Data-Tier App Framework Microsoft SQL Server 2012 Data-Tier App Framework (x64) Microsoft SQL Server 2012 Express LocalDB Microsoft SQL Server 2012 Management Objects Microsoft SQL Server 2012 Management Objects (x64) Microsoft SQL Server 2012 Native Client Microsoft SQL Server 2012 T-SQL Language Service Microsoft SQL Server 2012 
Transact-SQL ScriptDom Microsoft SQL Server Compact 4.0 SP1 x64 ENU Microsoft SQL Server Data Tools - enu (12.0.30919.1) Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) Microsoft SQL Server System CLR Types Microsoft SQL Server System CLR Types (x64) Microsoft System CLR Types for SQL Server 2012 Microsoft System CLR Types for SQL Server 2012 (x64) Microsoft Team Foundation Server 2013 Object Model (x64) Microsoft Team Foundation Server 2013 Object Model Language Pack (x64) - ENU Microsoft Visio MUI (English) 2013 Microsoft Visio Professional 2013 Microsoft Visual C++ ARM Libraries Microsoft Visual C++ x64-arm Cross Compilers - ENU Resources Microsoft Visual C++ x64-arm Cross Compilers Microsoft Visual C++ x64-x86 Cross Compilers - ENU Resources Microsoft Visual C++ x64-x86 Cross Compilers Microsoft Visual C++ x64 Libraries Microsoft Visual C++ x64 Native Compilers - ENU Resources Microsoft Visual C++ x64 Native Compilers Microsoft Visual C++ x86 Libraries Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2013 x64 Designtime - 12.0.21005 Microsoft Visual C++ 2013 32bit Compilers - ENU Resources Microsoft Visual C++ 2013 Compilers - ENU Resources Microsoft Visual C++ 2013 Compilers Microsoft Visual C++ 2013 Core Libraries Microsoft Visual C++ 2013 Extended Libraries Microsoft 
Visual C++ 2013 Microsoft Foundation Class Libraries Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86-x64 Compilers Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Microsoft Visual Studio 2013 Devenv Microsoft Visual Studio 2013 Devenv Resources Microsoft Visual Studio 2013 Performance Collection Tools - ENU Microsoft Visual Studio 2013 Performance Collection Tools Microsoft Visual Studio 2013 Preparation Microsoft Visual Studio 2013 Profiling Tools Microsoft Visual Studio 2013 Shell (Minimum) Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies Microsoft Visual Studio 2013 Shell (Minimum) Resources Microsoft Visual Studio 2013 Team Explorer Language Pack - ENU Microsoft Visual Studio 2013 VsGraphics Helper Dependencies Microsoft Visual Studio Professional 2013 - ENU Microsoft Visual Studio Professional 2013 Microsoft Visual Studio Ultimate 2013 XAML UI Designer Core Microsoft Visual Studio Ultimate 2013 XAML UI Designer enu Resources Microsoft Web Deploy 3.5 Microsoft Web Developer Tools 2013 - Visual Studio 2013 MSXML 4.0 SP2 Parser and SDK Nero Burning Core Nero Burning ROM Nero Burning ROM 2014 Nero Burning ROM Help (CHM) Nero ControlCenter Nero ControlCenter Help (CHM) Nero Core Components Nero Info Nero SharedVideoCodecs Nero Update Nitro Pro 9 Norton Security with Backup NVIDIA-configuratiescherm 353.62 NVIDIA GeForce Experience 2.4.1.21 NVIDIA GeForce Experience Service NVIDIA Grafisch stuurprogramma 
350.12 NVIDIA Install Application NVIDIA LED Visualizer 1.0 NVIDIA Network Service NVIDIA Optimus Update 2.4.1.21 NVIDIA PhysX Systeem Software 9.15.0324 NVIDIA ShadowPlay 2.4.1.21 NVIDIA Update 2.4.1.21 NVIDIA Update Core NVIDIA Virtual Audio 1.2.28 Office 15 Click-to-Run Extensibility Component Office 15 Click-to-Run Licensing Component Office 15 Click-to-Run Localization Component Open XML SDK 2.5 for Microsoft Office Oracle Crystal Ball (64-bit) Origin Outils de vérification linguistique 2013 de Microsoft Office - Français Patient HealthViewer 3.0.0 Picasa 3 PlayMemories Home PMB_ModeEditor PMB_ServiceUploader PreEmptive Analytics Visual Studio Components Prerequisite installer Prerequisites for SSDT Python Tools Redirection Template Qualcomm Atheros Bandwidth Control Filter Driver Qualcomm Atheros Killer E220x Drivers Qualcomm Atheros Killer Network Manager Suite Qualcomm Atheros Network Manager Realtek Card Reader Realtek High Definition Audio Driver Revo Uninstaller 1.95 RiskAMP Add-in: Professional Edition 4.64 RollerCoaster Tycoon 3 Platinum RollerCoaster Tycoon World Samsung Kies Samsung USB Driver for Mobile Phones ScanSoft PDF Converter 3.0 SCM Security Update for Microsoft Excel 2013 (KB3114734) 64-Bit Edition Security Update for Microsoft Office 2013 (KB3039734) 64-Bit Edition Security Update for Microsoft Office 2013 (KB3039798) 64-Bit Edition Security Update for Microsoft Office 2013 (KB3054816) 64-Bit Edition Security Update for Microsoft Office 2013 (KB3085572) 64-Bit Edition Security Update for Microsoft Publisher 2013 (KB3085561) 64-Bit Edition Security Update for Microsoft Word 2013 (KB3114724) 64-Bit Edition Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition SharePoint Client Components SHIELD Streaming SHIELD Wireless Controller Driver SimCity 2000 Special Edition SimCity™ Skype Click to Call Smart Switch Steam Stuurprogrammapakket voor Windows - Fedict SmartCard (08/08/2015 4.1.5) swMSM System Requirements Lab CYRI System 
Requirements Lab Detection Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD Team Explorer for Microsoft Visual Studio 2013 Theme Hospital Ultima 8 Update for (KB2504637) Update for Microsoft Access 2013 (KB3114505) 64-Bit Edition Update for Microsoft InfoPath 2013 (KB3114353) 64-Bit Edition Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition Update for Microsoft Office 2013 (KB2880487) 64-Bit Edition Update for Microsoft Office 2013 (KB2899522) 64-Bit Edition Update for Microsoft Office 2013 (KB2975869) 64-Bit Edition Update for Microsoft Office 2013 (KB3023052) 64-Bit Edition Update for Microsoft Office 2013 (KB3039701) 64-Bit Edition Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition Update for Microsoft Office 2013 (KB3039766) 64-Bit Edition Update for Microsoft Office 2013 (KB3039778) 64-Bit Edition Update for Microsoft Office 2013 (KB3054783) 64-Bit Edition Update for Microsoft Office 2013 (KB3054785) 64-Bit Edition Update for Microsoft Office 2013 (KB3054805) 64-Bit Edition Update for Microsoft Office 2013 (KB3054941) 64-Bit Edition Update for Microsoft Office 2013 (KB3055006) 64-Bit Edition Update for Microsoft Office 2013 (KB3055007) 64-Bit Edition Update for Microsoft Office 2013 (KB3055011) 64-Bit Edition Update for Microsoft Office 2013 (KB3085479) 64-Bit Edition Update for Microsoft Office 2013 (KB3085482) 64-Bit Edition Update for Microsoft Office 2013 (KB3085506) 64-Bit Edition Update for Microsoft Office 2013 (KB3085578) 64-Bit Edition Update for Microsoft Office 2013 (KB3114715) 64-Bit Edition Update for Microsoft Office 2013 (KB3114717) 64-Bit Edition Update for Microsoft Office 2013 (KB3114727) 64-Bit Edition Update for Microsoft Office 2013 (KB3114736) 64-Bit Edition Update for Microsoft OneDrive for Business (KB3114509) 64-Bit Edition Update for Microsoft OneNote 2013 (KB3114344) 64-Bit Edition Update for Microsoft Outlook 2013 (KB3114729) 64-Bit Edition Update for Microsoft PowerPoint 2013 
(KB3114716) 64-Bit Edition Update for Microsoft Project 2013 (KB3114739) 64-Bit Edition Update for Microsoft Visio 2013 (KB3114720) 64-Bit Edition Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition Update for Skype for Business 2015 (KB3114732) 64-Bit Edition Viper Plagiarism Scanner VirtualCloneDrive Visual F# 3.1 SDK Visual F# 3.1 VS Visual Studio 2013 Prerequisites - ENU Language Pack Visual Studio 2013 Prerequisites Visual Studio Extensions for Windows Library for JavaScript VLC media player WCF Data Services 5.6.0 Runtime WCF Data Services Tools for Microsoft Visual Studio 2013 WCF RIA Services V1.0 SP2 WestwoodOnline Windows App Certification Kit Native Components Windows App Certification Kit x64 Windows Azure Mobile Services SDK Windows Azure Mobile Services Tools for Visual Studio 2013 Preview - v1.0 Windows Azure Shared Components for Microsoft Visual Studio 2013 - v1.0 Windows Azure Tools for LightSwitch for Visual Studio 2013 - v2.1 Windows Runtime Intellisense Content - en-us Windows Software Development Kit Windows Software Development Kit DirectX x64 Remote Windows Software Development Kit DirectX x86 Remote Windows Software Development Kit for Windows Store Apps Windows Software Development Kit for Windows Store Apps DirectX x64 Remote Windows Software Development Kit for Windows Store Apps DirectX x86 Remote Windows XP Targeting with C++ WinRAR 5.11 beta 1 (64-bit) Workflow Manager Client 1.0 Workflow Manager Tools 1.0 for Visual Studio ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe C:\Program Files (x86)\SCM\MSIService.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Windows\SysWOW64\NLSSRV32.EXE C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe C:\Program Files (x86)\Samsung\USB 
Drivers\25_escape\conn\ss_conn_service.exe C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe C:\Program Files\Bitdefender Agent\ProductAgentService.exe C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Users\pieter\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.0.124\NSBU.exe C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.0.124\NSBU.exe C:\Users\pieter\Downloads\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5081D2D4-1637-404c-B74F-50526718257D}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9a102985-b4d1-4c2a-83b5-38a8960a107c}] ==== Registry Fix Code x64 ====================== 
Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5081D2D4-1637-404c-B74F-50526718257D}] ==== Deleting Files \ Folders ====================== C:\PROGRA~2\CES EduPack 2014 not found C:\PROGRA~2\R.G. Mechanics not found C:\PROGRA~2\Rockstar Games not found C:\Program Files (x86)\UniDeals not found C:\PROGRA~3\HPs deleted C:\PROGRA~3\HP deleted C:\Users\pieter\AppData\Local\Rockstar Games deleted C:\PROGRA~3\17340475596582368937 deleted C:\PROGRA~2\Age of Empires III - Complete Collection deleted C:\user.js deleted C:\PROGRA~3\AlawarWrapper deleted C:\PROGRA~3\Package Cache deleted C:\Users\pieter\AppData\Local\2636080169__4_32_16.dll deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\WINDOWS\SysNative\roboot64.exe deleted C:\Users\pieter\AppData\LocalLow\Company deleted C:\Users\pieter\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A} deleted C:\windows\SysNative\tasks\SimpleFiles Installer Starter deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\Users\Public\Documents\AlawarWrapper deleted C:\Users\pieter\PatientHealthViewer_windows_3.0.0.exe deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 16301 MB CPU Info: Intel(R) Core(TM) i7-4710MQ CPU @ 2.50GHz CPU Speed: 2535,8 MHz Sound Card: Luidsprekers (Realtek High Defi | Display Adapters: Intel(R) HD Graphics 4600 | Intel(R) HD Graphics 4600 | Intel(R) HD Graphics 4600 Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1280 X 720 - 32 bit Network: Network Present Network Adapters: Intel(R) Dual Band Wireless-AC 7260 | Microsoft Wi-Fi Direct Virtual Adapter | Killer e2200 Gigabit Ethernet Controller (NDIS 6.30) | Bluetooth Device (Personal Area Network) CD / DVD Drives: 2x (D: | E: | ) D: TSSTcorpCDDVDW SU-208FB | E: ELBY CLONEDRIVE Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 2 Button Mouse Present Hard Disks: C: 465,2GB Hard Disks - Free: C: 255,5GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 04/13/12 | ALASKA - 1072009 Time Zone: Romance (standaardtijd) Motherboard *: Micro-Star International Co., Ltd. MS-1492 Country: België Language: NLB ==== System Specs (Software) ====================== AV: Bitdefender Antivirus *Enabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB} SP: Bitdefender Antispyware *Enabled/Updated* {8B2012EC-32D4-494F-BC03-832DB3BDF911} FW: Bitdefender Firewall *Enabled* Default Browser: Google Chrome 48.0.2564.116 Internet Explorer Version: 11.103.10586.0 Google Chrome version: 48.0.2564.116 Adobe Reader version: 15.10.20056.167417 Sun Java version: 1.8.0_73 (32-bit) Sun Java version: 1.8.0_73 (64-bit) Flash Player version: 20.0.0.306 Shockwave Player version: 12.2r162 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2016-02-11 06:05:46 95D730526EF81792CD6848D8D10FAA1C 4502352 ----a-w- C:\WINDOWS\explorer.exe ====== C:\Users\pieter\AppData\Local\Temp ==== ====== Java Cache ===== 2016-03-02 16:58:36 4F85459CEC4F78A3987FFFD5B6A816C5 605 ----a-w- C:\Users\pieter\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-52aaf4fb 2016-03-02 16:58:36 7CD07CC50081A1F46A76C951E8A377B9 428 ----a-w- C:\Users\pieter\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-78e96a5ccf5c5b6a29dcdffe1d16c989d010904d54059e7b28aad8dacf6a56c9-6.0.lap 2016-03-02 16:58:36 C9588417B10E1D770E3E5DA1F3510AE5 8425 ----a-w- C:\Users\pieter\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\298d42d-45c6ed68 2016-03-02 16:58:39 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\pieter\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\c8dc66e-74710c46 ====== C:\WINDOWS\SysWOW64 ===== ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== ====== C:\WINDOWS\Sysnative\drivers ===== 2016-03-01 16:56:04 6DF8F618B93C821630C9BAA8DA3FAAAF 111344 ----a-w- 
C:\WINDOWS\Sysnative\drivers\SYMEVENT64x86.SY1 2016-02-29 17:49:21 EBEE2CD97C1CEBB8CA53FBFECFF328E9 8214 ----a-w- C:\WINDOWS\Sysnative\drivers\SYMEVENT64x86.CAT 2016-02-29 17:49:21 43687EBC193F837182769BEA27427142 855 ----a-w- C:\WINDOWS\Sysnative\drivers\SYMEVENT64x86.INF 2016-02-29 17:49:21 37092FA03A0885DF9B8F2F1C82609327 102616 ----a-w- C:\WINDOWS\Sysnative\drivers\SYMEVENT64x86.SYS 2016-02-11 06:05:50 CC0A2F91C231E0D25EE3DBBF11B660D9 1998176 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys 2016-02-11 06:05:48 299B5570571185DB929194C40A1A0DB0 576352 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms2.sys 2016-02-11 06:05:45 BF6CA7EA5ECD6CF72D3D76652A9B8280 144384 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxdav.sys 2016-02-11 06:05:45 A1105260EEEE3DBD8D38FD054B22BD00 604928 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-03-01 17:06:02 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2016-03-02 16:57:58 -------- d-----w- C:\PROGRA~2\COMMON~1\Java ======= C: ===== ====== C:\Users\pieter\AppData\Roaming ====== ====== C:\Users\pieter ====== 2016-03-02 16:54:39 462D73C11B99C0B77D65C0BFE82454AE 735328 ----a-w- C:\Users\pieter\Downloads\JavaSetup8u73.exe 2016-03-01 17:04:44 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\pieter\Downloads\RSITx64.exe 2016-02-29 17:43:31 13F19C1EA98F66CD45E23882B8F25075 129390912 ----a-w- C:\Users\pieter\Downloads\NSBU-TW-22.5.0-NL.exe 2016-02-29 17:43:14 89B2A7F44D6FFB590261CC276172D01E 235344 ----a-w- C:\ProgramData\1456767732.bdinstall.bin 2016-02-29 17:15:36 C182ED519BC62214C3E59526113D4800 6839456 ----a-w- C:\Users\pieter\Downloads\ccsetup515pro.exe ====== C: exe-files == 2016-03-02 16:57:35 DB409F9BD2FA779E75835B1E0FE1181C 159328 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\unpack200.exe 2016-03-02 16:57:35 C84504D069A78BE5E4444EA06AA5E102 16480 ----a-w- C:\Program Files 
(x86)\Java\jre1.8.0_73\bin\orbd.exe 2016-03-02 16:57:35 B100697A0837596183F3BBD94448F68E 30816 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\jabswitch.exe 2016-03-02 16:57:35 ABC1BAF673FA608029D45EB6C78E1D04 50784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssvagent.exe 2016-03-02 16:57:35 AB6E988F108E2437E65536F3F5550BA2 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\ktab.exe 2016-03-02 16:57:35 A3AA0A0935506C7ECA6EF2F584CD416F 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\policytool.exe 2016-03-02 16:57:35 8BD1E7120713F9581645D5FDD14B8D25 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\rmid.exe 2016-03-02 16:57:35 876744373E18627410A9F23C348C5D9E 76896 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2launcher.exe 2016-03-02 16:57:35 6ABADA3CA8DC4AC2AFDA69A6836C362F 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\pack200.exe 2016-03-02 16:57:35 66550F1F363BC66AFD9A530AD8CB6570 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\kinit.exe 2016-03-02 16:57:35 5B98DCE4893425BA4F08C2BE134CABE5 191584 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\javaw.exe 2016-03-02 16:57:35 4383D5735FD7743D01AD04E9AAD1D6CF 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\keytool.exe 2016-03-02 16:57:35 3B74EE580794FCBDE389639E9D8ECEFB 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\rmiregistry.exe 2016-03-02 16:57:35 328A57535A2B74C924FA34DD29039E9D 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\java-rmi.exe 2016-03-02 16:57:35 2942578781EFB763366176C015F09ACD 16480 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\tnameserv.exe 2016-03-02 16:57:35 249C1C8BD8AC9568E5C5A0EC2FB39018 191072 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\java.exe 2016-03-02 16:57:35 237CDD69D6E3866533B402F321A11A4E 68192 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\javacpl.exe 2016-03-02 16:57:35 2211C51BABE577798343D69F818E25AB 278624 ----a-w- C:\Program Files 
(x86)\Java\jre1.8.0_73\bin\javaws.exe 2016-03-02 16:57:35 16E2FE80EE89DCCA1907D97E34656E19 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\jjs.exe 2016-03-02 16:57:35 0A7708846A0629D518739075A40DDD06 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\servertool.exe 2016-03-02 16:57:35 04E0265E964D9ECB07B105D456B96982 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\klist.exe 2016-03-02 16:56:55 7713F318952BFF9588EEB83A9A3E41A6 7360688 ----a-w- C:\Users\pieter\AppData\Local\NVIDIA\NvBackend\Packages\00008775\DAO.20494876.exe 2016-03-02 16:54:39 462D73C11B99C0B77D65C0BFE82454AE 735328 ----a-w- C:\Users\pieter\Downloads\JavaSetup8u73.exe 2016-03-02 12:53:22 4B888860EFE7839EDE26014930EEE71A 630200 ----a-w- C:\Users\pieter\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe 2016-03-02 12:53:20 E7E2338B0763439601290579485D5309 172984 ----a-w- C:\Users\pieter\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe 2016-03-01 17:06:03 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\pieter.exe 2016-03-01 17:04:44 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\pieter\Downloads\RSITx64.exe 2016-03-01 16:56:13 F23F9ABB73EF2862DED6CF414A891C2D 610744 ----a-w- C:\Users\pieter\AppData\Local\NVIDIA\NvBackend\Packages\00008767\CoProc update.20490610.exe 2016-02-29 17:48:35 4E95AB8BEB2C8FD53B348EF4AD5121C5 149184 ----a-w- C:\Users\pieter\AppData\Local\Temp\6591F2EE-9DA5-440B-9E9D-4EFDC6C66A6F\DismHost.exe 2016-02-29 17:43:31 13F19C1EA98F66CD45E23882B8F25075 129390912 ----a-w- C:\Users\pieter\Downloads\NSBU-TW-22.5.0-NL.exe 2016-02-29 17:15:36 C182ED519BC62214C3E59526113D4800 6839456 ----a-w- C:\Users\pieter\Downloads\ccsetup515pro.exe 2016-02-28 17:54:28 8D677EE90317A10D3369C3885C93B268 1579416 ----a-w- C:\Users\pieter\AppData\Local\Google\Chrome\User Data\SwReporter\6.44.4\software_reporter_tool.exe 2016-02-28 08:41:47 B3D395F976904E00407023A5D584F7CE 42696 ----a-w- C:\Program 
Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\AppSharingHookController.exe
=== C: other files ==
==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-2955392916-74002602-258459102-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ISUSPM Startup"="C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe -startup" "OneDrive"="C:\Users\pieter\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "AlcoholAutomount"="C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -automount" "Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
[HKEY_USERS\S-1-5-21-2955392916-74002602-258459102-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\pieter\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\pieter\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sound Blaster Cinema"="C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe /r" "UpdReg"="C:\Windows\UpdReg.EXE" "SSBkgdUpdate"="C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot" "ScanSoft PDF Converter 3.0-reminder"="C:\Program Files (x86)\ScanSoft\PDF Converter 3.0\Ereg\Ereg.exe -r C:\ProgramData\ScanSoft\PDF Converter\3\Ereg\ereg.ini" "ISUSScheduler"="C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe -start" "PMBVolumeWatcher"="C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe /SysAutoRun" "PDF3 Registry Controller"="C:\Program Files (x86)\ScanSoft\PDF Converter 3.0\\RegistryController.exe" "VirtualCloneDrive"="C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe /s" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "N360"="C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\562C4DD5\22.5.4.24\InstStub.exe /RELAUNCH /RUNONCE /NOPROMPT /PRODID N360 /FSD C:\Program Files (x86)\Norton 360 Premier Edition\Norton 360\Engine\20.6.0.27\ccsvchst.exe /upgradelayout /qn /notray /NOREBOOT" "MEDIA"="C:\Users\Public\Downloads\Norton\{N3602250424-SHPD-ESD-FSD51083}\N360-ESD-22.5.4.24-EN.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ISUSPM Startup"="C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe -startup" 
"OneDrive"="C:\Users\pieter\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "AlcoholAutomount"="C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -automount" "Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\pieter\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\pieter\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60" "MBCfg64"="C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "InstallerLauncher"="C:\Program Files\Common Files\Bitdefender\SetupInformation\{09FE2C2E-BB0D-4848-A706-AA244FA25FEA}\setuplauncher.exe /run:C:\Program Files\Common Files\Bitdefender\SetupInformation\{09FE2C2E-BB0D-4848-A706-AA244FA25FEA}\Installer.exe" "ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe " "Radio Manager"="C:\Program Files (x86)\SCM\Radio Manager.exe" "SCM"="C:\Program Files (x86)\SCM\SCM.exe" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10/02/2016 21:27] C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job --a-------- C:\WINDOWS\explorer.exe 
[29/01/2016 07:57] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29/08/2015 19:33] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cfedc15ac915e2.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29/08/2015 19:33] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d00028c62258bd.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29/08/2015 19:33] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29/08/2015 19:33] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cfedc15ba805b4.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29/08/2015 19:33] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d00028c70096cd.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29/08/2015 19:33] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\AutoKMS" [C:\Windows\AutoKMS\AutoKMS.exe] "C:\WINDOWS\SysNative\tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864" [C:\Program Files\Bitdefender Agent\WatchDog.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore1cfedc15ac915e2" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore1d00028c62258bd" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] 
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA1cfedc15ba805b4" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA1d00028c70096cd" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.0.124\WSCStub.exe"] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{8833B3BD-1E87-4A9E-B8A5-1BD06E2AB8D9}" [C:\Windows\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{D6566561-7E71-442B-80C1-DBD7E2D68402}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Nero\Nero Info" [C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe] "C:\WINDOWS\SysNative\tasks\Norton Identity Safe\Norton Error Processor" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe] "C:\WINDOWS\SysNative\tasks\Norton Security with Backup\Norton Autofix" [C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.0.124\SymErr.exe] "C:\WINDOWS\SysNative\tasks\Norton Security with Backup\Norton Error Analyzer" [C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.0.124\SymErr.exe] "C:\WINDOWS\SysNative\tasks\Norton Security with Backup\Norton Error Processor" [C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.0.124\SymErr.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.5.0.124\coFFPlgn" [29/02/2016 18:49] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be ==== Firefox Plugins ====================== Profilepath: C:\Users\pieter\AppData\Roaming\Mozilla\Firefox\Profiles\8133oudt.default 18CF51689186AEB9D1D149AEB0E92D03 - C:\Program 
Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL - Microsoft Office 2013 88C9284589B5AEEF93AAF8016BA1290D - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll - Microsoft Office 2013 ==== Fake Chromium Profiles Check ====================== Fake profile C:\Users\Gast\AppData\Local\Google\Chrome deleted ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions cjabmdjcfcfdmffimndhafhblfmpjdpe - C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.0.124\Exts\Chrome.crx[05/06/2015 07:55] iikflkcanblccfahdhdonehdalibjnif - No path found[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[08/01/2016 10:47] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions apdfllckaahabafndbhieahigkjlhalf - C:\Users\pieter\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx[28/02/2015 17:33] lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[] Google Drive - pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf eID Chrome Extension - pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkbdaodnaecdijpajecpncpdomgcoakc YouTube - pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Norton Security Toolbar - pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe Google Search - pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Norton Home Page for Chrome - pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe Google Docs Offline - pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Norton Identity Safe - pieter\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif Hangouts - pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl Norton Safe Search as default for Chrome - pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl Chrome Web Store Payments - pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - pieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Slides - pieter\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - pieter\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - pieter\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - pieter\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - pieter\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - pieter\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap Bookmark Manager - pieter\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik Norton Identity Safe - pieter\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iikflkcanblccfahdhdonehdalibjnif Skype Click to Call - pieter\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Drive App Launcher - pieter\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh Norton Security Toolbar - pieter\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Google Wallet - pieter\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - pieter\AppData\Local\Google\Chrome\User 
Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Slides - ruben\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - ruben\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - ruben\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - ruben\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - ruben\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - ruben\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Docs Offline - ruben\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Norton Identity Safe - ruben\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif Skype - ruben\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Chrome Web Store Payments - ruben\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - ruben\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\pieter\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences "homepage": "http://www2.delta-search.com/?babsrc=HP_ss&mntrId=B85690004E15ED98&affID=119982&tt=080913_ctrl&tsp=5000", "startup_urls": [ "http://www.google.be/" ] ==== Chromium Fix ====================== C:\Users\pieter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.360yield.com_0.localstorage deleted successfully C:\Users\pieter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.360yield.com_0.localstorage-journal deleted successfully C:\Users\ruben\AppData\Local\Google\Chrome\User Data\Default\Local 
Storage\https_ads1.msads.net_0.localstorage deleted successfully C:\Users\ruben\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage-journal deleted successfully C:\Users\pieter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\pieter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\ruben\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\ruben\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\ruben\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\ruben\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://search.norton.com" "Default_Page_URL"="http://www.key-find.com/?type=hp&ts=1425139417&from=exp&uid=SamsungXSSDX840XEVOX500GBXmSATA_S1KMNEAF101639X" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://search.norton.com" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes 
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 ==== Reset Google Chrome ====================== C:\Users\pieter\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\pieter\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\pieter\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully C:\Users\pieter\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully C:\Users\ruben\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\ruben\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\pieter\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\pieter\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully C:\Users\pieter\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully C:\Users\ruben\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\ruben\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit= O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Norton Identity Protection - 
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.0.124\coIEPlg.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.0.124\coIEPlg.dll O4 - HKLM\..\Run: [Sound Blaster Cinema] "C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" /r O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [ScanSoft PDF Converter 3.0-reminder] "C:\Program Files (x86)\ScanSoft\PDF Converter 3.0\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PDF Converter\3\Ereg\ereg.ini" O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe /SysAutoRun O4 - HKLM\..\Run: [PDF3 Registry Controller] "C:\Program Files (x86)\ScanSoft\PDF Converter 3.0\\RegistryController.exe" O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [N360] "C:\Program Files 
(x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\562C4DD5\22.5.4.24\InstStub.exe" /RELAUNCH /RUNONCE /NOPROMPT /PRODID N360 /FSD "C:\Program Files (x86)\Norton 360 Premier Edition\Norton 360\Engine\20.6.0.27\ccsvchst.exe" /upgradelayout /qn /notray /NOREBOOT O4 - HKCU\..\Run: [ISUSPM Startup] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe -startup O4 - HKCU\..\Run: [OneDrive] "C:\Users\pieter\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount O4 - HKCU\..\Run: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe" O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\RunOnce: [Uninstall C:\Users\pieter\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\pieter\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64" O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O4 - Global Startup: Killer Network Manager.lnk = ? 
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Open with Scansoft PDF Converter 3.0 - res://C:\Program Files (x86)\ScanSoft\PDF Converter 3.0\IEShellExt.dll /100 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: Garmin Communicator Plug-In - 
https://static.garmincdn.com/gcp/ie/4.2.0.0/GarminAxControl_32.CAB O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe O23 - Service: Alcohol Virtual AHCI Controller Management Service (AxVirtualAHCISrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe O23 - Service: @%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000 (c2wts) - Unknown owner - C:\Program Files (x86)\Windows Identity Foundation\v3.5\c2wtshost.exe (file missing) O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner 
- C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\SCM\MSIService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NitroPDFDriverCreatorReadSpool9 (NitroDriverReadSpool9) - Nitro PDF Software - C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe
O23 - Service: NitroUpdateService - Unknown owner - C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\NLSSRV32.EXE
O23 - Service: Norton Security with Backup (NSBU) - Symantec Corporation - C:\Program Files (x86)\Norton Security with Backup\Engine\22.5.2.15\NSBU.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: Product Agent Service (ProductAgentService) - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: Qualcomm Atheros Killer Service V2 - Qualcomm Atheros - C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\pieter\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\pieter\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Users\ruben\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\ruben\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\pieter\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\pieter\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Users\ruben\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\ruben\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\pieter\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\pieter\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
C:\Users\ruben\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=13167 folders=778 5696604243 bytes)

==== Empty Temp Folders ======================

C:\Users\pieter\AppData\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\pieter\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on wo 02/03/2016 at 18:25:58,31 ======================