Zoek.exe v5.0.0.1 Updated 27-09-2015 Tool run by frans_000 on di 18/10/2016 at 12:41:16,58. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode No Internet Access Detected Launched: D:\Downloads\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2016-10-18-080431.log 385 bytes C:\zoek-results2016-10-18-085128.log 34297 bytes ==== Empty Folders Check ====================== C:\PROGRA~3\ProcessLasso deleted successfully C:\PROGRA~3\ProductData deleted successfully C:\Users\frans_000\AppData\Roaming\ProductData deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3080037671-797662101-3594966419-1002\Software\Microsoft\Internet Explorer\SearchScopes\{5AC07F31-ECDD-4F15-9E0E-094A42A5133C} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== ???????? ????? ??? ????????? ?????????? ?????? ??????? Microsoft Visual Studio Tools ??? ?????? ? ???????????? 2012 (x64) - RUS ???????? ????? ??? ????????? ?????????? ?????? ??????? Microsoft Visual Studio Tools ??? ?????? ? ???????????? 2012 (x86) - RUS æTorrent 7-Zip 9.20 (x64 edition) abylon WLAN-LIVE-SCANNER 2015.9 (Privatversion) AceThinker PDF Writer version 1.0 Acronis True Image 2014 AD Sound Recorder 5.5.1 Adblock Plus voor IE (32-bit en 64-bit) Adobe Creative Suite 6 Master Collection Adobe Photoshop CC 2015 Adobe Shockwave Player 12.2 Advanced Renamer Advanced SystemCare 9 All Family Games AMD Accelerated Video Transcoding AMD Catalyst Control Center AMD Catalyst Install Manager AMD Fuel AMD Start Now AntimalwareEngine Audacity 2.1.1 Bejeweled 3 Belgium e-ID middleware 4.0.7 (build 7466) BLACK WHITE projects 3 (64-Bit) Bonjour Build-a-lot Building the Great Wall of China Collector's Edition BullGuard Internet Security Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner CGS17_Setup_x64 Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module ConvertXtoDVD v5.0.0.45 Corel Graphics - Windows Shell Extension Corel Graphics - Windows Shell Extension 32 Bit CorelDRAW Graphics Suite X7 - Capture (x64) CorelDRAW Graphics Suite X7 - Common (x64) CorelDRAW Graphics Suite X7 - Connect (x64) CorelDRAW Graphics Suite X7 - Custom Data (x64) CorelDRAW Graphics Suite X7 - Draw (x64) CorelDRAW Graphics Suite X7 - Filters (x64) CorelDRAW Graphics Suite X7 - FontNav (x64) CorelDRAW Graphics Suite X7 - IPM Content (x64) CorelDRAW Graphics Suite X7 - IPM T (x64) CorelDRAW Graphics Suite X7 - NL (x64) CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) CorelDRAW Graphics Suite X7 - Redist (x64) CorelDRAW Graphics Suite X7 - Setup Files (x64) CorelDRAW Graphics Suite X7 - VBA (x64) CorelDRAW Graphics Suite X7 - VideoBrowser (x64) CorelDRAW Graphics Suite X7 - Writing Tools (x64) CorelDRAW Graphics Suite X7 (64-Bit) Crazy Chicken Soccer CyberLink Media Suite 10 Cyberlink PhotoDirector CyberLink Power Media Player 12 CyberLink Power2Go 8 CyberLink PowerBackup 2.6 CyberLink PowerDirector 12 CyberLink YouCam DisableMSDefender Dr. Folder version 2.1.5.0 Dropbox 25 GB Energy Star Exact Audio Copy 1.1 FairStars CD Ripper 1.90 Farm Frenzy FastStone Photo Resizer 3.3 FileASSASSIN FOCUS projects professional (64-Bit) FotoSketcher 3.20 Free DVD ISO Maker version 1.2 Google Chrome Google Update Helper Governor of Poker 2 Premium Edition HDR projects photo (64-Bit) Hewlett-Packard ACLM.NET v1.2.2.3 HP 3D DriveGuard HP CoolSense HP Customer Experience Enhancements HP Documentation HP PC Hardware Diagnostics UEFI HP Photo Creations HP Photosmart 6520 series Basissoftware van het apparaat HP Recovery Manager HP Registration Service HP Support Solutions Framework HP System Event Utility HP Update HP Wireless Button Driver ImgBurn Intel(R) C++ Redistributables for Windows* on Intel(R) 64 IObit Uninstaller IrfanView 64 (remove only) Jewel Match 3 MagicCamera 8.8.7 Malwarebytes Anti-Malware versie 2.2.1.1043 Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 64-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Visual Basic for Applications 7.1 (x64) Microsoft Visual Basic for Applications 7.1 (x64) Dutch Microsoft Visual Basic for Applications 7.1 (x64) English Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Microsoft Visual Studio Tools for Applications 2012 Microsoft Visual Studio Tools for Applications 2012 Finalizer Microsoft Visual Studio Tools for Applications 2012 x64 ???? - ??????? Microsoft Visual Studio Tools for Applications 2012 x64 ???? - ???????? Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - ??? ?? ? Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - ??? Language Pack Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - DEU-Sprachpaket Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Language Pack ITA Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Paquete de idioma ESN Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Module linguistique Fran‡ais Microsoft Visual Studio Tools for Applications 2012 x86 ???? - ??????? Microsoft Visual Studio Tools for Applications 2012 x86 ???? - ???????? Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - ??? ?? ? Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - ??? Language Pack Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - DEU-Sprachpaket Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Language Pack ITA Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Module linguistique Fran‡ais Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Paquete de idioma ESN Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support More Games from WildTangent Games Mozilla Firefox 42.0 (x86 nl) Mozilla Firefox 48.0 (x64 nl) Mozilla Maintenance Service MuseScore 2 NEF Codec Nero Burning Core Nero Burning ROM Nero BurningROM 2016 Nero ControlCenter Nero ControlCenter Help (CHM) Nero Core Components Nero CoverDesigner Nero Info Nero Launcher Nero SharedVideoCodecs Nero Update Nero WaveEditor Nero WaveEditor Help (CHM) Nik Collection OEM Application Profile OkayFreedom Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB PDFCreator PhotoFiltre Studio X Plants vs. Zombies - Game of the Year Polar Bowler 1st Frame PowerISO Prerequisite installer Private Internet Access Support Files Process Lasso Ranch Rush 2 - Premium Edition REALTEK Bluetooth Driver Realtek Card Reader Realtek Ethernet Controller Driver Realtek High Definition Audio Driver REALTEK Wireless LAN Driver Revo Uninstaller Pro 3.1.5 SkypeT 7.23 Spotify Stashimi Stub Installer Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5) swMSM Synaptics Pointing Device Driver TeamViewer 11 TomTom HOME TomTom HOME Visual Studio Merge Modules TomTom MyDrive Connect 4.1.0.2658 Toolwiz TimeFreeze Trinklit Supreme Unlocker 1.9.2 Update Installer for WildTangent Games App Vacation QuestT - Australia Virtual Families Visual Studio C++ 10.0 Runtime VLC media player Wedding Dash WildTangent Games App for HP WinX HD Video Converter Deluxe 5.6.2 Youda Jewel Shop ==== Running Processes ====================== C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe C:\Windows\SysWOW64\tbaseprovisioning.exe c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe C:\Program Files (x86)\Nero\Update\NASvc.exe D:\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== "C:\windows\Installer\2d664.msi" not found ==== System Specs ====================== Operating System: Microsoft Windows 8.1 6.3.9600 64 bits Manufacturer: Hewlett-Packard - Model: HP Pavilion 17 Notebook PC Install Date: 31/03/2015 19:54:19 Last Boot: 18/10/2016 12:35:33 Processor: AMD A8-6410 APU with AMD Radeon R5 Graphics Number of Processors: 4 Work Station Bootmode: Normal boot Total RAM: 7103 MB (free 4714 MB - 66) Computername: WILLY Domain: WORKGROUP User: frans_000 (Administrator account) Local Disk: C:\ - NTFS - 151 GB (free 53 GB) Local Disk: D:\ - NTFS - 755 GB (free 243 GB) Local Disk: E:\ - NTFS - 24 GB (free 2 GB) CD \ DVD Drive: F:\ Removable Disk: G:\ - FAT32 - 28 GB (free 12 GB) Bootdevice: \Device\HarddiskVolume2 Windows update: Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: BullGuard Antivirus On-access scanning disabled (Outdated) Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: BullGuard Antispyware disabled (Outdated) Firewall: BullGuard Firewall disabled Default Browser: Google Chrome 53.0.2785.143 Internet Explorer Version: 11.0.9600.18450 Mozilla Firefox version: 42.0 (x86 nl) Google Chrome version: 53.0.2785.143 Shockwave Player version: 12.2.4r194 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\FRANS_~1\AppData\Local\Temp ==== 2016-10-18 08:10:05 6337E8365510C2AD792357CC3FA136B2 69632 ----a-w- C:\Users\frans_000\AppData\Local\Temp\REMOVE.EXE 2016-10-11 14:10:14 FA11CC5426FA739B9491B282E5530EC3 610808 ----a-w- C:\Users\frans_000\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2016-10-17 09:05:06 4FC43681BE1F87DAA219E0995C494ADF 149032 ----a-w- C:\Windows\SysWOW64\BgGamingMonitor.dll 2016-10-17 09:04:58 42C0FAC1EA7424B6609A5FA4E0E14B49 61720 ----a-w- C:\Windows\SysWOW64\BGLsp.dll 2016-10-11 13:04:43 0B9940290F74E1297B0D45EE6CE30F0C 28352 ----a-w- C:\Windows\SysWOW64\aspnet_counters.dll 2016-10-11 13:04:32 2644474C2D407F812940DF591A399D22 536776 ----a-w- C:\Windows\SysWOW64\msvcp120_clr0400.dll 2016-10-11 13:04:26 8F0746E811A94C56028F08B077C0F9A6 875720 ----a-w- C:\Windows\SysWOW64\msvcr120_clr0400.dll 2016-10-11 13:02:25 1FD647B0D4A2A3BB804826F535352DC3 19789224 ----a-w- C:\Windows\SysWOW64\shell32.dll 2016-10-11 13:02:23 485066DC2B7954F4CE537EFC5FA958F1 2463744 ----a-w- C:\Windows\SysWOW64\authui.dll 2016-10-11 13:02:23 28ABD6DAEDA9956B7734621349F6AC0C 2537472 ----a-w- C:\Windows\SysWOW64\esent.dll 2016-10-11 13:02:22 9C07773C9FB6902371D29499473C88C9 13317120 ----a-w- C:\Windows\SysWOW64\wmp.dll 2016-10-11 13:02:21 F6C949ED9966999D3CA4507E67C042D7 1049600 ----a-w- C:\Windows\SysWOW64\actxprxy.dll 2016-10-11 13:02:21 BA1298382A60D470B7CB3DE2C0DD6005 1102848 ----a-w- C:\Windows\SysWOW64\Windows.Media.Streaming.dll 2016-10-11 13:02:21 82290A934A5164ECE8B1CE41460A9DEA 1946176 ----a-w- C:\Windows\SysWOW64\d3d11.dll 2016-10-11 13:02:20 F3D9107B7C230B2764E4F30CED48189D 9323008 ----a-w- C:\Windows\SysWOW64\wmploc.DLL 2016-10-11 13:02:20 AE5639082FFE24B16321DE3ECC595895 678400 ----a-w- C:\Windows\SysWOW64\ntshrui.dll 2016-10-11 13:02:20 43ADEEC630714E02B284850AC9780E1E 207872 ----a-w- C:\Windows\SysWOW64\rastapi.dll 2016-10-11 13:02:19 FB90BF1D3CEB4845F60557D5D1551706 215552 ----a-w- C:\Windows\SysWOW64\PlayToDevice.dll 2016-10-11 13:02:19 1955F78D9E7E16099DBABAB36FE3CC3C 162850 ----a-w- C:\Windows\SysWOW64\C_932.NLS 2016-10-11 13:02:19 1200A0010B4774EBC40E0E897A2E21EA 954880 ----a-w- C:\Windows\SysWOW64\twinui.appcore.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2016-10-17 09:05:06 478C352EE31543C24BB5E91B6FECF920 170168 ----a-w- C:\Windows\Sysnative\BgGamingMonitor.dll 2016-10-17 09:04:58 411B653B8096574C69D06F5D52AF2437 76568 ----a-w- C:\Windows\Sysnative\BGLsp.dll 2016-10-11 13:04:40 2C2F4B7DAB4B25D99FF4DD71511AA85C 29888 ----a-w- C:\Windows\Sysnative\aspnet_counters.dll 2016-10-11 13:04:32 E044A776F90DF34D8CDAB8F8C3E06C0C 678592 ----a-w- C:\Windows\Sysnative\msvcp120_clr0400.dll 2016-10-11 13:04:26 B4E661DBFF8544E356EAB62EBF19B2D0 869576 ----a-w- C:\Windows\Sysnative\msvcr120_clr0400.dll 2016-10-11 13:02:27 662510045631DB6350C8F7BD624098B3 22360280 ----a-w- C:\Windows\Sysnative\shell32.dll 2016-10-11 13:02:24 DD94D40B6B5586EA454FDD26D95F6C30 2778624 ----a-w- C:\Windows\Sysnative\authui.dll 2016-10-11 13:02:24 AD21AAD7D8DD09C0A7F6915E19313CB1 15431168 ----a-w- C:\Windows\Sysnative\wmp.dll 2016-10-11 13:02:24 671D9EBFB17B32D3CC239995010A7FF0 2881536 ----a-w- C:\Windows\Sysnative\actxprxy.dll 2016-10-11 13:02:23 8F1D5A42EF9B53DB59CAA6CA536B9547 2896384 ----a-w- C:\Windows\Sysnative\esent.dll 2016-10-11 13:02:21 CEEC008B6997E35CB98DCE07C6D34EC1 1317888 ----a-w- C:\Windows\Sysnative\Windows.Media.Streaming.dll 2016-10-11 13:02:21 8D6F9B6DB5CED8C48BFA24B86E1C2BC3 2315496 ----a-w- C:\Windows\Sysnative\d3d11.dll 2016-10-11 13:02:21 66D346EF04A5869B895C72005E37DA4A 9323008 ----a-w- C:\Windows\Sysnative\wmploc.DLL 2016-10-11 13:02:20 B18D5F41ADEB7FC758265C65AE9D5E26 747008 ----a-w- C:\Windows\Sysnative\ntshrui.dll 2016-10-11 13:02:20 9020CA21ED5C958AA3C46220D4F98D2F 289792 ----a-w- C:\Windows\Sysnative\PlayToDevice.dll 2016-10-11 13:02:20 841345442390953CBC8801B95D3D0540 1574912 ----a-w- C:\Windows\Sysnative\wbengine.exe 2016-10-11 13:02:20 74CB95C70674F7EE614E2C2EBA062985 222208 ----a-w- C:\Windows\Sysnative\rastapi.dll 2016-10-11 13:02:20 618EAA72DD130C38F8AE0D7994167AE6 445765 ----a-w- C:\Windows\Sysnative\ApnDatabase.xml 2016-10-11 13:02:19 B04F1D01B531D55CAF90CDBEEC1BF1EC 1220096 ----a-w- C:\Windows\Sysnative\twinui.appcore.dll 2016-10-11 13:02:19 1955F78D9E7E16099DBABAB36FE3CC3C 162850 ----a-w- C:\Windows\Sysnative\C_932.NLS ====== C:\Windows\Sysnative\drivers ===== 2016-10-11 14:21:13 ABCF9C80EAACE03021BB7F450EB8993F 367200 ----a-w- C:\Windows\Sysnative\drivers\afcdp.sys 2016-10-11 14:21:09 07330E30921C70E9D9B416EE43A06349 1464096 ----a-w- C:\Windows\Sysnative\drivers\tdrpman.sys 2016-10-11 14:21:07 3C29FB9FC9B4C511AD69DC50257FEC75 198432 ----a-w- C:\Windows\Sysnative\drivers\tib_mounter.sys 2016-10-11 14:21:06 DE604462206F7D8C203F767F425FCA8D 1120032 ----a-w- C:\Windows\Sysnative\drivers\tib.sys 2016-10-11 14:21:05 FBE0201AB61E18934C812C34D31A4403 269600 ----a-w- C:\Windows\Sysnative\drivers\snapman.sys 2016-10-11 14:21:02 FDD776FAC4159A2983940D1E411FE9F3 116000 ----a-w- C:\Windows\Sysnative\drivers\fltsrv.sys 2016-10-11 13:02:20 B312191DCBECE3C07DF9A99DE433B126 420184 ----a-w- C:\Windows\Sysnative\drivers\spaceport.sys 2016-10-11 13:02:20 8B8624A93E3F88CB923AEB05B6313227 38912 ----a-w- C:\Windows\Sysnative\drivers\vwifimp.sys 2016-10-11 13:02:20 57DCE4FB0467986AE78E1C6FC5240D32 96256 ----a-w- C:\Windows\Sysnative\drivers\parport.sys 2016-10-11 13:02:19 81633C87B42B63BA484A6177179AC750 83456 ----a-w- C:\Windows\Sysnative\drivers\serial.sys 2016-10-11 13:02:19 71066FF95C487327E44C8AF1B72EBE8B 24576 ----a-w- C:\Windows\Sysnative\drivers\vwifibus.sys 2016-10-11 13:02:19 29AB43937FFDA0B0FB56984226E698C6 71680 ----a-w- C:\Windows\Sysnative\drivers\vwififlt.sys 2016-10-11 13:02:19 1F0135949A6AD6025F363F80FE268251 23040 ----a-w- C:\Windows\Sysnative\drivers\serenum.sys 2016-10-03 03:40:54 ABA3A32B5FAE4E22036F4A2166E61FA5 6168584 ----a-w- C:\Windows\Sysnative\drivers\rtwlane.sys 2016-10-03 03:32:36 92CCD982BEDC3244C296E5615D1B5AC5 22454 ----a-w- C:\Windows\Sysnative\drivers\rtldata.txt ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2016-10-11 14:20:44 -------- d-----w- C:\PROGRA~2\Acronis ======= C: ===== ====== C:\Users\frans_000\AppData\Roaming ====== 2016-09-30 17:12:36 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Steganos 2016-09-29 17:01:30 -------- d-----w- C:\Users\frans_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Process Lasso ====== C:\Users\frans_000 ====== 2016-10-17 09:02:22 -------- d-----w- C:\ProgramData\OO Software 2016-10-11 14:21:12 -------- d-----w- C:\ProgramData\Acronis 2016-10-11 14:20:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis 2016-09-25 22:45:20 -------- d-----w- C:\Users\frans_000\BlackWhite Projects 3 ====== C: exe-files == 2016-10-18 08:10:05 6337E8365510C2AD792357CC3FA136B2 69632 ----a-w- C:\Users\frans_000\AppData\Local\Temp\REMOVE.EXE 2016-10-17 09:56:22 59900A239E2E57EA6635ED984B31FE6C 3754368 ----a-w- C:\EEK\bin\a2hijackfree.exe 2016-10-17 09:33:28 CC445127FB34371E056CB80B684878F4 3085776 ----a-w- C:\EEK\bin\a2cmd.exe 2016-10-17 09:33:28 9AFD5FD2A4001D64B7B6A8228BD05D19 432328 ------w- C:\EEK\Start Commandline Scanner.exe 2016-10-17 09:33:28 68EB001A76162315186EA5906F1F139E 432328 ------w- C:\EEK\Start Emergency Kit Scanner.exe 2016-10-17 09:33:28 3D7E47A121A58F7E1E639419E7CB28C0 1153912 ------w- C:\EEK\bin\BlitzBlank.exe 2016-10-17 09:33:28 25AF1081044D09A706588CC645AD2D38 5475888 ----a-w- C:\EEK\bin\a2emergencykit.exe 2016-10-17 09:33:28 242D0826D1E784DD7F28E6E604CC4CAA 423064 ------w- C:\EEK\Start BlitzBlank.exe 2016-10-17 09:05:07 B38BE5984476FBA0FDEFC80F3EF0E319 109336 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\Files32\BgDelayStartup.exe 2016-10-17 09:05:06 DAC43F4795300A386ABD0DE103E865E6 403224 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgDirSize.exe 2016-10-17 09:05:06 B669AE694839D2ABD8022D18D032E04B 175384 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgBootMonitor.exe 2016-10-17 09:05:06 8324A7B7EA9866BA3701E571DEAF33B3 122648 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgDelayStartup.exe 2016-10-17 09:05:06 2C82858433639C51538E6C844B90C88C 381720 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgDuplicateSize.exe 2016-10-17 09:05:03 3C1343E8820E7C5A82FB4A2BA9670D6A 225048 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\Spamfilter\LittleHook.exe 2016-10-17 09:05:01 5F5F065CD6BCEF89381567F64C03B716 263960 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BsMailProxy\BgCertUtil32.exe 2016-10-17 09:05:00 8D295367E4731362A81B143BBD6279E5 212248 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\LittleHook.exe 2016-10-17 09:04:59 B5C324ACBF5387F3906D374C0D8CD21F 406808 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BackupShellTransfer.exe 2016-10-17 09:04:58 CAA03BA9FCADDBC09DA8D12E18C74FFF 310040 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe 2016-10-17 09:04:58 7C634D89F8967BA02B5B68CE0F7FD6D1 355096 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BackupRun.exe 2016-10-17 09:04:58 108A126846AC13E389080401B22A0472 241944 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\Files32\BsMailProxy\BgCertUtil32.exe 2016-10-17 09:04:57 888366E172F71F16E23E5625E9E68FC9 711960 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe 2016-10-17 09:04:56 D8F584D251159BDAFA461AE5EFA6D4F0 1164568 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\ManualUpdate.exe 2016-10-17 09:04:56 D7679228E27AFAC14DD077DF4C00B92A 134424 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\UpdatePatcher.exe 2016-10-17 09:04:56 50F52BAEA89ECAB5BD7E5A0540EB0876 495896 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgScan.exe 2016-10-17 09:04:56 507201424B6A72DDCF80C202632E67E1 373016 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgLogViewer.exe 2016-10-17 09:04:56 1600F4F8B0ADD751B02217382DA6BC4E 250136 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgSecErase.exe 2016-10-17 09:04:55 A6A211751683BF152526536A8C462E0E 2856216 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate2.exe 2016-10-17 09:04:55 9D12E8D7BA2AD8E1122F868F83605CA8 656872 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\Uninst.exe 2016-10-17 09:04:54 4C078E93DCFA5D464CE4399C81152F2B 295504 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\Instalator.exe 2016-10-17 09:04:53 E3A619D24055F82D2505125C4D3035CE 159000 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\Files32\BgProbe.exe 2016-10-17 09:04:53 74C467E0EA54BF072650E314DAD4EF53 1456920 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe 2016-10-17 09:04:52 F789AA3765743754F15867AE3CACAD95 78616 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgRegister.exe 2016-10-17 09:04:52 A98A88069FD6E22EE015479E2A0ABA54 161048 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgNag.exe 2016-10-17 09:04:52 9F8665FE0BED2AA2093C9BCA7AE012C1 72472 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgLauncher.exe 2016-10-17 09:04:52 88698A36D3FB01089D386F1C3902F07E 173848 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgProbe.exe 2016-10-17 09:03:26 7638E0147F42DC0457AFB1DB31D19472 401688 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe 2016-10-11 14:21:12 E23A18DE1A4715A225B899143BD38CD7 3873784 ----a-w- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe 2016-10-11 14:10:14 FA11CC5426FA739B9491B282E5530EC3 610808 ----a-w- C:\Users\frans_000\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe 2016-10-11 13:02:20 841345442390953CBC8801B95D3D0540 1574912 ----a-w- C:\Windows\System32\wbengine.exe === C: other files == 2016-10-18 08:53:30 13C5912B99A23BFE1B58E22C366E2626 4852 ----a-w- C:\Users\frans_000\AppData\Local\Temp\xpi\tmp.zip 2016-10-17 09:56:23 9ED89A533D125C273F93C6A524A1A118 136456 ----a-w- C:\EEK\bin\epp64.sys 2016-10-17 09:56:23 9D281B465EED4623185611F46BB6C83F 112408 ----a-w- C:\EEK\bin\epp32.sys 2016-10-11 14:21:13 ABCF9C80EAACE03021BB7F450EB8993F 367200 ----a-w- C:\Windows\System32\drivers\afcdp.sys 2016-10-11 14:21:09 07330E30921C70E9D9B416EE43A06349 1464096 ----a-w- C:\Windows\System32\drivers\tdrpman.sys 2016-10-11 14:21:07 3C29FB9FC9B4C511AD69DC50257FEC75 198432 ----a-w- C:\Windows\System32\drivers\tib_mounter.sys 2016-10-11 14:21:06 DE604462206F7D8C203F767F425FCA8D 1120032 ----a-w- C:\Windows\System32\drivers\tib.sys 2016-10-11 14:21:05 FBE0201AB61E18934C812C34D31A4403 269600 ----a-w- C:\Windows\System32\drivers\snapman.sys 2016-10-11 14:21:02 FDD776FAC4159A2983940D1E411FE9F3 116000 ----a-w- C:\Windows\System32\drivers\fltsrv.sys 2016-10-11 13:02:20 B312191DCBECE3C07DF9A99DE433B126 420184 ----a-w- C:\Windows\System32\drivers\spaceport.sys 2016-10-11 13:02:20 8B8624A93E3F88CB923AEB05B6313227 38912 ----a-w- C:\Windows\System32\drivers\vwifimp.sys 2016-10-11 13:02:20 57DCE4FB0467986AE78E1C6FC5240D32 96256 ----a-w- C:\Windows\System32\drivers\parport.sys 2016-10-11 13:02:19 81633C87B42B63BA484A6177179AC750 83456 ----a-w- C:\Windows\System32\drivers\serial.sys 2016-10-11 13:02:19 71066FF95C487327E44C8AF1B72EBE8B 24576 ----a-w- C:\Windows\System32\drivers\vwifibus.sys 2016-10-11 13:02:19 29AB43937FFDA0B0FB56984226E698C6 71680 ----a-w- C:\Windows\System32\drivers\vwififlt.sys 2016-10-11 13:02:19 1F0135949A6AD6025F363F80FE268251 23040 ----a-w- C:\Windows\System32\drivers\serenum.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-3080037671-797662101-3594966419-1002\Software\Microsoft\Windows\CurrentVersion\Run] "HP Photosmart 6520 series (NET)"="C:\Program Files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe -deviceID CN28L1524D05TZ:NW -scfn HP Photosmart 6520 series (NET) -AutoStart 1" "Advanced SystemCare 9"="C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe /Auto" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "HPMessageService"="C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HP Photosmart 6520 series (NET)"="C:\Program Files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe -deviceID CN28L1524D05TZ:NW -scfn HP Photosmart 6520 series (NET) -AutoStart 1" "Advanced SystemCare 9"="C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe /Auto" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch" "BullGuard"="C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe -boot" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Task Scheduler Jobs ====================== C:\Windows\tasks\ASC9_SkipUac_frans_000.job --a-------- C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [28/07/2016 14:59] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24/06/2015 17:15] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24/06/2015 17:15] C:\Windows\tasks\HPCeeScheduleForfrans_000.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [16/06/2015 09:51] C:\Windows\tasks\Uninstaller_SkipUac_frans_000.job --a-------- C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [24/06/2016 10:58] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\ASC9_SkipUac_frans_000" [C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe /SkipUac] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CLVDLauncher" [C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForfrans_000" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\Private Internet Access Startup" ["C:\Program Files\pia_manager\pia_manager.exe"] "C:\Windows\SysNative\tasks\Process Lasso Core Engine Only" ["C:\Program Files\Process Lasso\processgovernor.exe"] "C:\Windows\SysNative\tasks\Process Lasso Management Console (GUI)" ["C:\Program Files\Process Lasso\processlasso.exe"] "C:\Windows\SysNative\tasks\Uninstaller_SkipUac_frans_000" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe] "C:\Windows\SysNative\tasks\YCMServiceAgent" [C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe] "C:\Windows\SysNative\tasks\{F52ECE18-01E1-443F-A6A0-35782DEEECFA}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] "C:\Windows\SysNative\tasks\BullGuard\BullGuardUpdate2" [C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate2.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon" [C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Nero\Nero Info" [C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\FRANS_~1\AppData\Roaming\Mozilla\Firefox\Profiles\pweuk3nf.default - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi ProfilePath: C:\Users\FRANS_~1\AppData\Roaming\TomTom\HOME\Profiles\0rimj6fy.default - Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com - Carminat TomTom - C:\Users\frans_000\AppData\Roaming\TomTom\HOME\Profiles\0rimj6fy.default\extensions\RenaultTheme@tomtom.com - Carminat TomTom - %ProfilePath%\extensions\RenaultTheme@tomtom.com AppDir: C:\Program Files\Mozilla Firefox - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\frans_000\AppData\Roaming\Mozilla\Firefox\Profiles\pweuk3nf.default 8CE35D76726DFC8C3848BB26B3C79A54 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll - Shockwave for Director / Shockwave for Director ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 ClickClean - frans_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod Whitelisted domains - frans_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Chrome Web Store Payments - frans_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ClickClean App - frans_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp Chrome Media Router - frans_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{5AC07F31-ECDD-4F15-9E0E-094A42A5133C}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {5AC07F31-ECDD-4F15-9E0E-094A42A5133C} Beveiligd zoeken Url="https://search.yahoo.com/search?fr=mcafee_uninternational&type=C011BE1045D20151115&p={searchTerms}" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7A6F2EDADB7E5594DB660309B322D3FD deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\7A6F2EDADB7E5594DB660309B322D3FD deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe O4 - HKCU\..\Run: [HP Photosmart 6520 series (NET)] "C:\Program Files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN28L1524D05TZ:NW" -scfn "HP Photosmart 6520 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [Advanced SystemCare 9] "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\IE\BGAntiphishingIE.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: AdaptiveSleepService - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BullGuard Behavioural Detection (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: @oem92.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: OkayFreedom VPN Starter Service - Steganos Software GmbH - C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe O23 - Service: tbaseprovisioning - Advanced Micro Devices, Inc. - C:\Windows\SysWOW64\tbaseprovisioning.exe O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\frans_000\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\frans_000\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\frans_000\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\frans_000\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\frans_000\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=98 folders=107 109582231 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\frans_000\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\FRANS_~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 18/10/2016 at 13:37:49,39 ======================