Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by SveniO on ma 28/04/2014 at 21:36:28,69.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\SveniO\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

28/04/2014 21:41:21 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\Program Files\log deleted successfully
C:\Program Files\trend micro deleted successfully
C:\Program Files\Common Files\Adobe deleted successfully
C:\PROGRA~3\Babylon deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\Users\SveniO\AppData\Roaming\Activeris deleted successfully
C:\Users\SveniO\AppData\Roaming\Atari deleted successfully
C:\Users\SveniO\AppData\Roaming\EurekaLog deleted successfully
C:\Users\SveniO\AppData\Roaming\Google deleted successfully
C:\Users\SveniO\AppData\Roaming\Lite deleted successfully
C:\Users\SveniO\AppData\Roaming\systweak deleted successfully
C:\Users\SveniO\AppData\Local\Conduit deleted successfully
C:\Users\SveniO\AppData\Local\DassaultSystemes deleted successfully
C:\Users\SveniO\AppData\Local\PackageAware deleted successfully
C:\Users\SveniO\AppData\Local\Unity deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3886362779-2204385146-2482240540-1001\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully
HKEY_USERS\S-1-5-21-3886362779-2204385146-2482240540-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_USERS\S-1-5-21-3886362779-2204385146-2482240540-1001\Software\Microsoft\Internet Explorer\SearchScopes\{C71EE75D-503E-469B-B031-2249772A8E3C} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"BrowserMngr Start Page"=-

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"bProtector Start Page"=-

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"BrowserMngrDefaultScope"=-

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"bProtectorDefaultScope"=-

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00cbb66b-1d3b-46d3-9577-323a336acb50}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""=-

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"upfst_be_33.exe"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\BrowserCompanion deleted
C:\Program Files (x86)\fst_be_33 deleted
C:\Program Files (x86)\Re-markit Corp deleted
C:\Users\SveniO\AppData\Roaming\BrowserCompanion deleted
C:\PROGRA~2\Mozilla Firefox\user.js deleted
C:\PROGRA~2\Conduit deleted
C:\Users\SveniO\AppData\Roaming\Babylon deleted
C:\Users\SveniO\AppData\Roaming\File Scout deleted
C:\PROGRA~3\Ask deleted
C:\PROGRA~3\Tarma Installer deleted
C:\Users\SveniO\AppData\Local\APN deleted
C:\Users\SveniO\AppData\Local\avgchrome deleted
C:\Windows\SysNative\roboot64.exe deleted
C:\Users\SveniO\AppData\LocalLow\bbrs_002.tb deleted
C:\Users\SveniO\AppData\LocalLow\AskToolbar deleted
C:\Users\SveniO\AppData\LocalLow\BabylonToolbar deleted
C:\Users\SveniO\AppData\LocalLow\PriceGong deleted
C:\Users\SveniO\AppData\LocalLow\Conduit deleted
C:\windows\SysNative\Tasks\Re-markit Update deleted
C:\windows\SysNative\Tasks\Re-markit_wd deleted
C:\Windows\Tasks\Re-markit Update.job deleted
C:\Windows\Tasks\Re-markit_wd.job deleted
C:\windows\SysNative\tasks\BitGuard deleted
C:\user.js deleted
C:\END deleted
C:\Windows\Syswow64\SearchProtect deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} deleted
"C:\Users\SveniO\AppData\Local\fst_be_33\upfst_be_33.exe" deleted
"C:\Users\SveniO\AppData\Local\fst_be_33\upfst_be_33.exe" deleted
"C:\Program Files (x86)\Ask.com\Updater\Updater.exe" deleted
"C:\PROGRA~2\Ask.com\Updater\Updater.exe" deleted
"C:\Program Files (x86)\Ask.com" deleted
"C:\Users\SveniO\AppData\Local\fst_be_33" deleted
"C:\PROGRA~2\Ask.com" deleted
"C:\Users\SveniO\AppData\Local\fst_be_33" deleted
"C:\Program Files (x86)\Ask.com\Updater" deleted
"C:\PROGRA~2\Ask.com\Updater" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\SveniO\AppData\Local\Temp ====
====== Java Cache =====
2014-04-05 11:37:44 4B9B7AA829D237CBAA052211DF9E539D 3673 ----a-w- C:\Users\SveniO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\47ce8b13-13f29215
2014-04-05 11:37:37 F9FF2752E37ADD544FBDAC8DEB68FBED 78 ----a-w- C:\Users\SveniO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\2b190760-6.0.lap
2014-04-05 11:37:37 D505164BC75B89822BC360D541D854DA 262734 ----a-w- C:\Users\SveniO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\784802a0-7855b11b
2014-04-05 11:37:38 4FF89A65EF2C1BAA8666DE0614D0A627 469 ----a-w- C:\Users\SveniO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\4de63de6-5192a7a7
2014-04-05 11:37:44 E5F3D764FEB1FC3C44731EA84AE1C9F7 1154 ----a-w-
C:\Users\SveniO\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\40369808-4237c697 ====== C:\Windows\SysWOW64 ===== 2014-04-22 01:00:46 AA12D7A960DB78DD9690AB5B5DAE6586 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-04-22 01:00:44 CE6921D33682C6C3DB8A45853CC69402 455168 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-04-22 01:00:42 A127D17C354B473B0F4C6265538F5A2C 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-04-22 01:00:40 EDACA6C44D9CE200F899B7DB0F201DFF 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-04-22 01:00:40 7E9FE7DB43BC204E44F159F843E35C15 367616 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-04-22 01:00:40 34FC79C948EE2C5FD0CD699E7D7F91B7 244224 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-04-22 01:00:39 EBC35FE64056910A84485BEEB6DCCAC6 524288 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-04-22 01:00:39 C9CA9803299EB6AFA34CB520BAAB083D 32256 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-04-22 01:00:39 82287FCFFA4A2D60FD744E3FEB3192C5 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-04-22 01:00:39 31385A6CAA31BE9D07B0B32E5AA99ABB 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-04-22 01:00:39 21BF6759685FD193715B483F2B3F21B1 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-04-22 01:00:39 0FDC1A576A3F40420882C0F7C4A66EAD 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-04-22 01:00:37 BB185D4A9362AA17CBCEC0768CDBF249 704512 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-04-22 01:00:37 6557B48D53D653CFCCE3CB1CFA53A8E1 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-04-22 01:00:37 0F4A295516781897FFB09B4CCF2E8798 592896 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-04-22 01:00:36 E4E829EE073E046B0EB19B5FECB19B8C 1789440 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-04-22 01:00:36 76F58DB8F85C125E0D6B3AA42F3BF1D0 1143808 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-04-22 01:00:36 05BD47136DE62FAFE9F95B40E4100144 2178048 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-04-22 01:00:35 
C4A383FD50FBD7E274DD41CF571DF898 1967104 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-04-22 01:00:34 EA85144F35EDE6EE25C484D4242FF2C8 17387008 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-04-22 01:00:34 2AFBB91BBD2378933B26E6D68C140D1B 11745792 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-04-22 01:00:33 8C46360D6EF9D4C563FE834C4F287DA3 4254720 ----a-w- C:\Windows\SysWOW64\jscript9.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-04-22 01:00:46 7446786E7092ABE122D372F95E6ED74B 574976 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-04-22 01:00:44 FFF555C177D9F2B79B5C3146BED09FB1 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-04-22 01:00:42 6A8AA25D37F89E40B834F34950E3B89B 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-04-22 01:00:41 D6067F7EE060C5D6D79008AD591B4E3B 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-04-22 01:00:41 964C89BC8A52A260D68C90FDDEB862E2 38400 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-04-22 01:00:41 72116CC377FF4281B0132C397026D911 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-04-22 01:00:41 3F498856C68725717195C16568FE19D0 586240 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-04-22 01:00:40 E7161E2C66FF9B1E87C30FC9D2497ABB 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-04-22 01:00:40 E0D95345D1EBB54F28E958782B9C0CE0 453120 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-04-22 01:00:40 CFBA793F678EB3855052ECF99357A9A1 296960 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-04-22 01:00:40 3F547245C78F4847B73EDDFD4A2F7E12 752640 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-04-22 01:00:39 CB57E934280D346AE0A9B053DAA284C5 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-04-22 01:00:39 A3F9A9E46BDDBB8B20B7CF3EEDB990F2 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-04-22 01:00:39 75AD355828187145A60E3DC7BAF7B0F3 628736 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-04-22 01:00:39 1BF215FF4DF6DE10D2F81A2CE85157D2 139264 ----a-w- 
C:\Windows\Sysnative\ieUnatt.exe 2014-04-22 01:00:38 37D0FB9E5E8EDA40B66FC3FB3D660261 23549440 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-04-22 01:00:37 EBAD8A4D048ED257E4A45F6356541F86 846336 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-04-22 01:00:37 A3A132CBE48AF0324466469F2CAAE8A2 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-04-22 01:00:37 915D8A9E112C97C90C654F792B6B28B9 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-04-22 01:00:37 710FD0E362A1A5C087DB90C1BAC46411 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-04-22 01:00:36 F220BA78AB542C70211D73AE4729B2CD 2260480 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-04-22 01:00:36 1F8534A19A66275C863DE17645CB2A13 2767360 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-04-22 01:00:35 A14BB2F5F6457738AAA11367F5172A05 13551104 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-04-22 01:00:35 32417AE8280276968E5C551ED85D3525 1400832 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-04-22 01:00:35 1654093C8BD3342997D27B71684ACCE8 2043904 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-04-22 01:00:33 BF25489459C7A762DD7B3186C7E3984D 5784064 ----a-w- C:\Windows\Sysnative\jscript9.dll ====== C:\Windows\Sysnative\drivers ===== 2014-04-18 13:01:56 E92276DB995B7E75DA9B9DD271058A8E 237336 ----a-w- C:\Windows\Sysnative\drivers\avgidsdrivera.sys 2014-04-08 20:15:47 B3222734D80013D2C73841B0C549FA63 27584 ----a-w- C:\Windows\Sysnative\drivers\Diskdump.sys 2014-04-08 20:15:47 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\Sysnative\drivers\storport.sys 2014-04-08 20:15:47 96BB922A0981BC7432C8CF52B5410FE6 274880 ----a-w- C:\Windows\Sysnative\drivers\msiscsi.sys 2014-04-08 20:15:45 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys 2014-03-31 14:20:54 F86A506DA0BF61402E19DB8AF0684C9A 274200 ----a-w- C:\Windows\Sysnative\drivers\avgtdia.sys 2014-03-31 14:06:26 DBFB9BEAE2816FDB4B4EF8C89AFA3DF0 130840 ----a-w- 
C:\Windows\Sysnative\drivers\avgmfx64.sys ====== C:\Windows\Tasks ====== 2014-04-12 12:52:40 9B7DD89F133CA1BD9830886D99F9EC12 3230 ----a-w- C:\Windows\Sysnative\Tasks\SidebarExecute ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2014-04-12 12:51:36 -------- d-----w- C:\PROGRA~2\AVG ======= C: ===== ====== C:\Users\SveniO\AppData\Roaming ====== 2014-04-26 15:11:32 -------- d-----w- C:\Users\SveniO\AppData\Roaming\SpaceEngineers 2014-04-22 16:48:25 -------- d-sh--w- C:\Users\SveniO\AppData\Local\EmieUserList 2014-04-22 16:48:25 -------- d-sh--w- C:\Users\SveniO\AppData\Local\EmieSiteList 2014-04-13 07:32:13 -------- d-----w- C:\Users\Default\AppData\Roaming\TuneUp Software 2014-04-13 07:32:13 -------- d-----w- C:\Users\Default User\AppData\Roaming\TuneUp Software 2014-04-12 20:41:06 -------- d-----r- C:\Users\SveniO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-04-12 12:52:46 -------- d-----w- C:\Users\SveniO\AppData\Roaming\AVG2014 2014-04-12 12:52:40 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2014 2014-04-12 12:52:29 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2014 2014-04-12 12:51:36 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2014 2014-04-12 12:50:38 -------- d-----w- C:\Users\SveniO\AppData\Local\Avg2014 2014-04-05 07:47:27 -------- d-----w- C:\Users\SveniO\AppData\Local\Tuguu_SL ====== C:\Users\SveniO ====== 2014-04-27 16:16:37 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\SveniO\Desktop\RSITx64.exe 2014-04-12 12:52:29 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-04-12 12:45:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-04-05 19:59:09 -------- d-----w- C:\ProgramData\AVG2014 2014-04-05 07:46:52 3C1E26A191C634458F0D19B9E45F0FA7 464 --sha-r- C:\ProgramData\ntuser.pol ====== C: exe-files == 2014-04-27 16:16:37 
662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\SveniO\Desktop\RSITx64.exe 2014-04-24 19:06:48 BE61A19D74B275D9AF129063C1E81600 5961776 ----a-w- C:\Program Files (x86)\AVG\AVG2014\avgcrema.exe 2014-04-22 01:00:43 F972DDD19A10F53D74021DDEAC07CCA6 470016 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2014-04-22 01:00:43 E0155A11B26C7D5347069AB7ACB62D02 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2014-04-22 01:00:43 C5C7E33308BAE18BD9F59F9A93E85D33 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-04-22 01:00:43 BEA4E0C0BA936E8A3DB24D1A37BF70BE 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2014-04-22 01:00:41 3F498856C68725717195C16568FE19D0 586240 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-04-22 01:00:39 21BF6759685FD193715B483F2B3F21B1 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-04-22 01:00:39 1BF215FF4DF6DE10D2F81A2CE85157D2 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-04-22 01:00:37 A3A132CBE48AF0324466469F2CAAE8A2 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-04-22 01:00:37 710FD0E362A1A5C087DB90C1BAC46411 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2014-04-22 01:00:35 EA8386CA87165460D39A1D29FF11080B 809680 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-04-22 01:00:35 0667ED9F8E905E1F73DB60ACCEDCBCA7 811728 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe === C: other files == 2014-04-27 20:16:00 C1922985AD4868DE32B4FDE6B4E788A9 3528 ----a-w- C:\Users\SveniO\AppData\Local\SolidWorks\CXPA\20140427221558_20.4.0.0064.zip 2014-04-27 19:49:55 2CDBF7A22C2352E4A44277896E7F9437 3290 ----a-w- C:\Users\SveniO\AppData\Local\SolidWorks\CXPA\20140427214953_20.4.0.0064.zip 2014-04-27 19:42:05 17E994477FC0BD1833208BB0882215D1 1893 ----a-w- C:\Users\SveniO\AppData\Local\SolidWorks\CXPA\20140427214204_20.4.0.0064.zip 2014-04-27 19:41:20 BB05DF4D37902119CBAF66860B94D622 2518 ----a-w- 
C:\Users\SveniO\AppData\Local\SolidWorks\CXPA\20140427214119_20.4.0.0064.zip
2014-04-27 19:36:47 59894E4A4CF699CC33C4123A8141E4C3 1913 ----a-w- C:\Users\SveniO\AppData\Local\SolidWorks\CXPA\20140427213645_20.4.0.0064.zip
2014-04-27 19:31:45 2CA14CA82675715021A8AAE9AC8C7B40 1895 ----a-w- C:\Users\SveniO\AppData\Local\SolidWorks\CXPA\20140427213143_20.4.0.0064.zip
2014-04-27 19:31:06 536E196272FB3551B37C64778A3AB5F3 1881 ----a-w- C:\Users\SveniO\AppData\Local\SolidWorks\CXPA\20140427213104_20.4.0.0064.zip
2014-04-27 19:30:13 75DF29623492C429914F6F4DBEB27567 3555 ----a-w- C:\Users\SveniO\AppData\Local\SolidWorks\CXPA\20140427213011_20.4.0.0064.zip
2014-04-27 19:13:39 0192A2F216CB8E54DC2C95D02C0A686C 2522 ----a-w- C:\Users\SveniO\AppData\Local\SolidWorks\CXPA\20140427211338_20.4.0.0064.zip
2014-04-27 19:08:56 8924B7D18650A2C6CC7FE320722CBE52 2301 ----a-w- C:\Users\SveniO\AppData\Local\SolidWorks\CXPA\20140427210855_20.4.0.0064.zip
2014-04-27 19:07:18 1F987579F3D65EC3E5089C28E18E75EF 2502 ----a-w- C:\Users\SveniO\AppData\Local\SolidWorks\CXPA\20140427210716_20.4.0.0064.zip
2014-04-27 19:03:25 62E3D18F32D2FAD8BB4F1AA28A310663 13391 ----a-w- C:\Users\SveniO\AppData\Local\SolidWorks\CXPA\20140427210323_20.4.0.0064.zip
2014-04-27 18:51:18 B8A8921288F1FD75D27525149707A53D 13146 ----a-w- C:\Users\SveniO\AppData\Local\SolidWorks\CXPA\20140427205117_20.4.0.0064.zip
2014-04-27 18:34:30 B1685B440F3BEB83393DF259D7E33531 2233 ----a-w- C:\Users\SveniO\AppData\Local\SolidWorks\CXPA\20140427203420_20.4.0.0064.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3886362779-2204385146-2482240540-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\SveniO\AppData\Roaming\uTorrent\uTorrent.exe"
"RESTART_STICKY_NOTES"="C:\Windows\system32\StikyNot.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"ApnUpdater"="C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"upfst_be_33.exe"="C:\Users\SveniO\AppData\Local\fst_be_33\upfst_be_33.exe -runonce"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\SveniO\AppData\Roaming\uTorrent\uTorrent.exe"
"RESTART_STICKY_NOTES"="C:\Windows\system32\StikyNot.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google+ Auto Backup]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google+ Auto Backup"
"hkey"="HKCU"
"command"="\"C:\\Users\\SveniO\\AppData\\Local\\Programs\\Google\\Google+ Auto Backup\\Google+ Auto Backup.exe\" /autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="uTorrent"
"hkey"="HKCU"
"command"="\"C:\\Users\\SveniO\\AppData\\Roaming\\uTorrent\\uTorrent.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SolidWorks Background Downloader.lnk]
"item"="SolidWorks Background Downloader"
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\SolidWorks Background Downloader.lnk"
"backup"="C:\\Windows\\pss\\SolidWorks Background Downloader.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~2\\COMMON~1\\SOLIDW~1\\BACKGR~1\\SLDBGD~1.EXE"

==== Startup Folders ======================

2014-04-12 20:41:06 1051 ----a-w- C:\Users\SveniO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12/03/2014 11:50]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/04/2012 17:08]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\0" [c:\program files (x86)\internet explorer\iexplore.exe]
"C:\Windows\SysNative\tasks\4777" [wscript.exe C:\Users\SveniO\AppData\Local\Temp\launchie.vbs //B]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{c1f9049a-3290-4967-9a3d-448f242ce94c}"="C:\Program Files (x86)\Re-markit Corp\158.xpi" []

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bodddioamolcibagionmmobehnbhiakf - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx[]
cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\SveniO\AppData\Local\Temp\ccex.crx[]
dhkplhfnhceodhffomolpfigojocbpcb - C:\Users\SveniO\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx[]
mpieaakhacmfleokhjcjnpcnmnmpfkid - C:\Program Files (x86)\fbphotozoom\fbphotozoom13.crx[]

Google Docs - SveniO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - SveniO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - SveniO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Browser Companion Helper - SveniO\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf
Google Search - SveniO\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - SveniO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - SveniO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\SveniO\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3886362779-2204385146-2482240540-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_USERS\S-1-5-21-3886362779-2204385146-2482240540-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_USERS\S-1-5-21-3886362779-2204385146-2482240540-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-3886362779-2204385146-2482240540-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-3886362779-2204385146-2482240540-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-3886362779-2204385146-2482240540-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3886362779-2204385146-2482240540-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully
HKEY_USERS\S-1-5-21-3886362779-2204385146-2482240540-1001\Software\mozilla\Firefox\Extensions\{c1f9049a-3290-4967-9a3d-448f242ce94c} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\fbphotozoom@installdaddy.com deleted successfully

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyServer"="http=127.0.0.1:13828"
"ProxyEnable"=dword:00000001

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid deleted successfully

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - F:\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\RunOnce: [upfst_be_33.exe] C:\Users\SveniO\AppData\Local\fst_be_33\upfst_be_33.exe -runonce
O4 - HKCU\..\Run: [uTorrent] "C:\Users\SveniO\AppData\Roaming\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\system32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = SveniO\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://F:\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://F:\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\SveniO\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - F:\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - F:\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E55B74AB-0B51-4BAE-A5B5-2531AB5EA4D9} (Uploader Control) - http://assets.photobox.com/assets/v/9wMLrL7vFWyhXJey6PFIGDYHwIs.cab
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (file missing)
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (file missing)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service:
@%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\SveniO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\SveniO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully 

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
C:\Users\SveniO\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=448 folders=59 37512487 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\SveniO\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\SveniO\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 28/04/2014 at 21:52:28,71 ======================