Zoek.exe v5.0.0.0 Updated 05-July-2014 Tool run by Michiel on vr 11/07/2014 at 13:57:23,79. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Michiel_2\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 11/07/2014 14:01:03 Zoek.exe System Restore Point Created Succesfully. ==== Reset Hosts File ====================== # Copyright (c) 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host 127.0.0.1 localhost ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3766204629-61776352-3966925753-1005\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully HKEY_CLASSES_ROOT\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully ==== Installed Programs ====================== 4K Video Downloader 3.2 Absolute Reminder Adobe Creative Cloud Adobe Photoshop CC Adobe Reader XI (11.0.07) - Nederlands Amazon Browser App Apple Software Update AVG 2014 AVG SafeGuard toolbar Bonjour CCleaner Dolby Home Theater v4 EA SportsT FIFA World Energy Management ExpressCache Free YouTube Download version 3.2.37.528 Freemake Video Downloader Google Chrome Google Drive Google Update Helper HitmanPro 3.7 HP Deskjet 3520 series Basissoftware van het apparaat HP Deskjet 3520 series Help HP Deskjet 3520 series Productverbeteringsonderzoek HP Deskjet 3520 series Setup Guide HP Photo Creations HP Update iCloud Intel AppUp(SM) center Intel(R) Management Engine Components Intel(R) PRO/Wireless Driver Intel(R) Processor Graphics Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology Intel(R) Rapid Start Technology Intel(R) Rapid Storage Technology Intel(R) SDK for OpenCL - CPU Only Runtime Package Intel© PROSet/Wireless Software Intel© PROSet/Wireless WiFi Software Intel© Trusted Connect Service Client Java 7 Update 60 Java Auto Updater Lenovo EasyCamera Lenovo MediaShow6 Lenovo OneKey Recovery Lenovo PowerDVD10 Lenovo Smart Update Lenovo YouCam LenovoDrv_x64 LockKey Malwarebytes Anti-Exploit version 1.03.1.1220 Malwarebytes Anti-Malware versie 2.0.2.1012 MediaHuman YouTube to MP3 Converter versie 3.4.5 Microsoft Office 2013 voor Thuisgebruik en Studenten - nl-nl Microsoft Office 365 - nl-nl Microsoft Silverlight Microsoft SkyDrive Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 MyPC Backup NVIDIA-configuratiescherm 327.02 NVIDIA Grafisch stuurprogramma 327.02 NVIDIA Install Application NVIDIA Optimus 1.10.8 NVIDIA PhysX NVIDIA PhysX System Software 9.12.0613 NVIDIA Update 1.10.8 NVIDIA Update Components Office 15 Click-to-Run Extensibility Component Office 15 Click-to-Run Licensing Component Office 15 Click-to-Run Localization Component Online Armor 7.0 Origin Power2Go Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Shared C Run-time for x64 Synaptics Pointing Device Driver UserGuide Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) Windows Driver Package - Lenovo Corporation (LAD) System (06/08/2012 1.0.0.3) ==== Running Processes ====================== C:\Program Files (x86)\Online Armor\OAcat.exe C:\Program Files (x86)\Online Armor\oasrv.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe C:\windows\SysWOW64\irstrtsv.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update Service.exe C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe C:\Program Files (x86)\Online Armor\oaui.exe C:\Program Files (x86)\Online Armor\OAhlp.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files\WindowsApps\24169BooStudio.TorrexBeta_1.1.0.140_x86__4whpyhnstjyn8\Torrex.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe C:\Program Files (x86)\USB Camera\VM331STI.EXE C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe C:\Program Files (x86)\LockKey\LockKey.exe C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update.exe C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\AVG\AVG2014\avgui.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe C:\WINDOWS\SysWOW64\ctfmon.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe C:\Users\Michiel_2\Downloads\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\Users\Michiel_2\Downloads\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.1.7 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BackupStack deleted successfully ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "vProt"=- ==== Deleting Files \ Folders ====================== C:\ProgramData\AVG Secure Search deleted C:\ProgramData\AVG Security Toolbar deleted C:\Program Files\AVG SafeGuard toolbar deleted C:\PROGRA~3\AVG SafeGuard toolbar deleted C:\Users\Michiel_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup deleted C:\Users\Michiel_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk deleted C:\Users\Michiel_2\Searches deleted C:\Users\Michiel_2\AppData\LocalLow\AVG SafeGuard toolbar deleted C:\WINDOWS\sysWoW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted "C:\WINDOWS\Installer\1bea33.msi" deleted "C:\Users\Michiel_2\AppData\Local\AVG SafeGuard toolbar" not deleted "C:\Users\Michiel_2\AppData\Local\AVG SafeGuard toolbar\Chrome" not deleted "C:\Users\Michiel_2\AppData\Local\AVG SafeGuard toolbar\Chrome\Default" not deleted ==== System Specs ====================== Operating System: Microsoft Windows 8.1 6.3.9600 64 bits Manufacturer: LENOVO - Model: 4941 Install Date: 8/12/2013 15:22:13 Last Boot: 10/07/2014 1:04:59 Processor: Intel(R) Core(TM) i7-3517U CPU @ 1.90GHz Number of Processors: 4 Work Station Bootmode: Normal boot Total RAM: 8066 MB (free 4607 MB - 57) Computername: PC-MICHIEL Domain: WORKGROUP User: Michiel (Administrator account) Local Disk: C:\ - NTFS - 883 GB (free 816 GB) Local Disk: D:\ - NTFS - 24 GB (free 22 GB) CD \ DVD Drive: E:\ Bootdevice: \Device\HarddiskVolume4 Windows update: Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: AVG AntiVirus Free Edition 2014 On-access scanning disabled (Outdated) Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Virus: Bitdefender Antivirus Free Edition On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG AntiVirus Free Edition 2014 disabled (Outdated) Anti-Spyware: Bitdefender Antivirus Free Edition disabled (Outdated) Firewall: Online Armor Firewall disabled Internet Explorer Version: 11.0.9600.17126 Sun Java version: 1.7.0_60 (32-bit) ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\Users\MICHIE~1\AppData\Local\Temp ==== 2014-07-11 12:00:52 FAA7F034B38E729A983965C04CC70FC1 4608 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\nsoA92A.tmp\nsProcess.dll 2014-07-11 12:00:41 CE1BEAC47395A91A25280ED33ED539AD 55849 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\~nsu.tmp\Au_.exe 2014-07-09 17:21:24 CC1E34422F0FE7957531B7DB55F193B5 5464192 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\BackupSetup.exe 2014-07-09 16:33:35 24A773CC15CFB166B155E082BEBCD4F1 24474752 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\tmpi86rui\googledrivesync.exe 2014-06-28 14:55:12 DADF458CDA563109C5E53B2B7669C2F8 16922360 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\RarSFX0\ThreatScanner.exe 2014-06-28 14:55:06 2CFC225988F4932DF538CF5F4BED3C8B 17348032 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\RarSFX0\installerpackage.exe 2014-06-28 14:54:18 A51C2369EEF4FC159B9A9DA695A7E990 970088 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\RarSFX0\lang\pt-BR.exe 2014-06-28 14:54:18 5B230017B04914B12070552EC5419867 1043000 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\RarSFX0\lang\ro-RO.exe 2014-06-28 14:54:18 574E467C75840E19D3196C52947B6081 1837096 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\RarSFX0\lang\en-US.exe 2014-06-28 14:54:18 34F92C8A489F04D401A8E3E5A49F7959 969400 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\RarSFX0\lang\it-IT.exe 2014-06-28 14:54:16 FE8986D39CF82FF9ED856571E64F4843 223344 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\RarSFX0\wspack.dll 2014-06-28 14:54:16 DBB5106CEE548C085FC2D33E9AB59BE7 297016 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\RarSFX0\wsutils.dll 2014-06-28 14:54:16 6034B71DC75CB71635181457EE8EBE24 1524288 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\RarSFX0\wslib.dll 2014-06-28 14:54:15 EB1E6129696EE881DE94F383BEE0B117 131552 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\RarSFX0\core\bdcore.dll 2014-06-28 14:54:15 E2316D482BCD6CADD878500D132BCEF5 815600 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\RarSFX0\setuplauncher.exe 2014-06-28 14:54:15 D9621F7E1DC3E40AAD4A7D0736A33A3B 567888 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\RarSFX0\Installer.exe 2014-06-28 14:54:15 95B779329680265CE36BDFA0BC953A13 216664 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\RarSFX0\unrar64.dll 2014-06-28 14:54:15 804A78FF4F68125B5D4E4EEECA642FEA 126560 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\RarSFX0\npcomm.dll 2014-06-28 14:54:15 132C0E39AF0312E6B9611E2E1B344D41 382536 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\RarSFX0\trufos.sys 2014-06-28 14:54:15 0A7FC87768E1C181D3F903DF19F34A80 511232 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\RarSFX0\trufos.dll 2014-06-28 14:54:14 8477FB1D573CE8F8B92E71302308D399 14720 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\RarSFX0\WPFKickstarter.exe 2014-06-28 14:54:14 74AB0D9CB6EC7B9E796C0A4FED20C766 3762472 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\RarSFX0\htmlayout.dll 2014-06-28 14:54:14 6505373F3B9261A536EF402F55B5DE79 190384 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\RarSFX0\bdardrv.dll 2014-06-28 14:54:14 5BB8E15835F5D0A5BD99492C5D85A672 101328 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\RarSFX0\bdmetrics.dll 2014-06-28 14:54:14 509A03DFFBB3FEC4B2BCCADCAB903C4B 76584 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\RarSFX0\gzfltum.dll 2014-06-28 14:54:14 408B664926675C270D911160F1631D6B 148696 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\RarSFX0\gzflt.sys 2014-06-28 14:54:14 377DBA1E531CD11EBC45B907B454D247 156304 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\RarSFX0\avcheck.exe 2014-06-28 14:54:14 28C9690641CC746F778AB94EED54C4B0 2360064 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\RarSFX0\additional.dll 2014-06-28 14:54:14 199F11A6FC6689BFCCF1A9E7832C3B63 15232 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\RarSFX0\WPFKickstarter4.exe 2014-06-28 14:54:14 01726E53C80083F4C02CDB834266C68C 148160 ----a-w- C:\Users\Michiel_2\AppData\Local\Temp\RarSFX0\bdnc.dll ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2014-07-09 16:30:27 0A9EB3956BCB7E5CDE15AF987BD81543 488960 ----a-w- C:\WINDOWS\SysWOW64\qedit.dll ====== C:\WINDOWS\SysWOW64\drivers ===== 2014-07-09 16:35:23 EF80132A2634B1F5751507C50215DACE 64720 ----a-w- C:\WINDOWS\SysWOW64\drivers\OADriver.sys 2014-07-09 16:35:23 B96FBA4157328A0740575AFBA5DC87C9 52360 ----a-w- C:\WINDOWS\SysWOW64\drivers\OAmon.sys 2014-07-09 16:35:23 0DF8148945D4BCE2C262FFB4AB041954 62008 ----a-w- C:\WINDOWS\SysWOW64\drivers\oahlp64.sys ====== C:\WINDOWS\Sysnative ===== 2014-07-09 16:30:27 78FC2B2BA0E5E1C9249E3157D4EE9BC7 586240 ----a-w- C:\WINDOWS\Sysnative\qedit.dll ====== C:\WINDOWS\Sysnative\drivers ===== 2014-07-09 16:35:23 82DA0901A5F9F9E0998002BDD8033785 35368 ----a-w- C:\WINDOWS\Sysnative\drivers\OAnet.sys 2014-06-23 12:14:58 182561A14F2E93E81E66FE3700D17A5A 55328 ----a-w- C:\WINDOWS\Sysnative\drivers\wpcfltr.sys 2014-06-21 17:31:30 F92B0E478C0FAA6D6661E6E977247E60 25816 ----a-w- C:\WINDOWS\Sysnative\drivers\mbam.sys 2014-06-21 17:31:30 5BDD44F2D43C4A9ABBD0675724676919 91352 ----a-w- C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys 2014-06-21 17:31:30 0664F6335F108F38FE08C3CA747311EE 64216 ----a-w- C:\WINDOWS\Sysnative\drivers\mwac.sys 2014-06-19 17:21:05 7688C67BDF55500C1FDC8291230C397D 50464 ----a-w- C:\WINDOWS\Sysnative\drivers\avgtpx64.sys 2014-06-17 14:21:34 5D115BF49AE159D4D7D1EBC640CB138F 235800 ----a-w- C:\WINDOWS\Sysnative\drivers\avgldx64.sys 2014-06-17 14:06:24 B0E4A1F342A3F8B75C4A4ADB044761C9 190744 ----a-w- C:\WINDOWS\Sysnative\drivers\avgidsha.sys 2014-06-17 14:06:22 946C038A7274D689A004785E581FAD5F 153368 ----a-w- C:\WINDOWS\Sysnative\drivers\avgdiska.sys 2014-06-17 14:06:22 50E7E80BB5F3E2BB0B48F3F7E17ED6B1 242968 ----a-w- C:\WINDOWS\Sysnative\drivers\avgidsdrivera.sys 2014-06-17 14:06:20 D9CED15E158573DE1BB67330C4206763 123672 ----a-w- C:\WINDOWS\Sysnative\drivers\avgmfx64.sys 2014-06-17 14:06:06 C4F9056928B26BCAF15872E46B29184F 31512 ----a-w- C:\WINDOWS\Sysnative\drivers\avgrkx64.sys 2014-06-12 16:47:26 D18EC2C83C2F773C9476A4FB0AA4C314 295424 ----a-w- C:\WINDOWS\Sysnative\drivers\ks.sys 2014-06-12 13:42:43 92370F46AF28D54B67C135FA8C2AFCFC 1200128 ----a-w- C:\WINDOWS\Sysnative\drivers\bthport.sys 2014-06-12 13:42:42 7C7BE474915166B61B84C025F1F10157 563200 ----a-w- C:\WINDOWS\Sysnative\drivers\afd.sys 2014-06-12 13:42:41 FD163F487CBA9C98AFFEB546C80F49A2 677376 ----a-w- C:\WINDOWS\Sysnative\drivers\srv2.sys 2014-06-12 13:42:41 78514B073CC5775800A65BFB82A0D66B 443904 ----a-w- C:\WINDOWS\Sysnative\drivers\nwifi.sys 2014-06-12 13:42:41 4BB9BC49DEE1A319EC58274A7BBED663 310616 ----a-w- C:\WINDOWS\Sysnative\drivers\volsnap.sys 2014-06-12 13:42:40 DBA635C6398782C549E3BE45CF1D0411 206848 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb20.sys 2014-06-12 13:42:40 0696F66E4D423793951A60562F794D14 402432 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb.sys 2014-06-12 13:42:38 F152D55E497E12256290C43B31C7D0CE 589656 ----a-w- C:\WINDOWS\Sysnative\drivers\fvevol.sys 2014-06-12 13:42:38 CADCE0D6C30427F70A4BFA426256F68C 337240 ----a-w- C:\WINDOWS\Sysnative\drivers\Classpnp.sys 2014-06-12 13:42:38 498288DD5CA42C2D36D125893E968C53 77312 ----a-w- C:\WINDOWS\Sysnative\drivers\hdaudbus.sys 2014-06-12 13:42:37 D90AB68D0FAC9F357F663670FDBB511E 275800 ----a-w- C:\WINDOWS\Sysnative\drivers\msiscsi.sys 2014-06-12 13:42:37 716059F37BCCB1ABEDE99EBE82E8E362 246272 ----a-w- C:\WINDOWS\Sysnative\drivers\srvnet.sys 2014-06-12 13:42:36 4C1E71E37B56C768900B1FCF81205027 372568 ----a-w- C:\WINDOWS\Sysnative\drivers\storport.sys 2014-06-12 13:42:35 6592D192E2823C043EDBC010E7774053 360792 ----a-w- C:\WINDOWS\Sysnative\drivers\fltMgr.sys 2014-06-12 13:42:35 33977549C2CED09936E05BEE7659EAFF 384856 ----a-w- C:\WINDOWS\Sysnative\drivers\spaceport.sys 2014-06-12 13:37:57 A9749FD0A06E22009EA972D8B9CB046B 428888 ----a-w- C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS 2014-06-12 13:37:57 4B666AE119D2ADBAC816BEA7DB4D6881 2518872 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2014-07-09 16:36:25 -------- d-----w- C:\Program Files\HitmanPro 2014-07-09 16:23:36 -------- d-----w- C:\Program Files\trend micro 2014-06-28 14:55:02 -------- d-----w- C:\Program Files\Bitdefender ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Michiel_2\AppData\Roaming ====== 2014-07-09 16:37:38 -------- d-----w- C:\Users\Michiel_2\AppData\Roaming\OnlineArmor 2014-06-28 15:00:15 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\QuickScan 2014-06-28 14:52:54 -------- d-----w- C:\Users\Michiel_2\AppData\Roaming\QuickScan 2014-06-19 17:21:34 -------- d-----w- C:\Users\Michiel_2\AppData\Local\AVG SafeGuard toolbar ====== C:\Users\Michiel_2 ====== ====== C: exe-files == === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-3766204629-61776352-3966925753-1005\Software\Microsoft\Windows\CurrentVersion\Run] "HP Deskjet 3520 series (NET)"="C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe -deviceID CN2AR1241405SY:NW -scfn HP Deskjet 3520 series (NET) -AutoStart 1" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "331BigDog"="C:\Program Files (x86)\USB Camera\VM331STI.EXE" "LockKey"="C:\Program Files (x86)\LockKey\LockKey.exe" "Dolby Home Theater v4"="C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe -autostart" "Smart Update"="C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update.exe -s" "YouCam Mirage"="C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe" "YouCam Tray"="C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe /s" "RemoteControl10"="C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" "Intel AppUp(SM) center"="C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY" "Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "Malwarebytes Anti-Exploit"="C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HP Deskjet 3520 series (NET)"="C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe -deviceID CN2AR1241405SY:NW -scfn HP Deskjet 3520 series (NET) -AutoStart 1" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" "Persistence"="C:\WINDOWS\system32\igfxpers.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 " "BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll,TrayApp" "Energy Management"="C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe" "EnergyUtility"="C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "@OnlineArmor GUI"="C:\Program Files (x86)\Online Armor\oaui.exe" "SynLenovoGestureMgr"=""%ProgramFiles%\Synaptics\SynTP\SynLenovoGestureMgr.exe" /m" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cf2fdafc58bc18.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22/11/2013 16:59] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22/11/2013 16:59] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Apple Diagnostics" [C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore1cf2fdafc58bc18" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\HPCustParticipation HP Deskjet 3520 series" ["C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe"] "C:\WINDOWS\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe] "C:\WINDOWS\SysNative\tasks\Synaptics TouchPad Enhancements" [\Program Files\Synaptics\SynTP\SynTPEnh.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{99D61102-5AC6-4F76-B73D-3C6F420C278F}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] ==== Chrome Look ====================== Google Docs - michiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - michiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - michiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - michiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - michiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - michiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Docs - Michiel_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Michiel_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Michiel_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Michiel_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf AdBlock - Michiel_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Webcam Toy - Michiel_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade Google Wallet - Michiel_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Battlefield Play4Free - Michiel_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh Gmail - Michiel_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331STI.EXE O4 - HKLM\..\Run: [LockKey] C:\Program Files (x86)\LockKey\LockKey.exe O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart O4 - HKLM\..\Run: [Smart Update] C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update.exe -s O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe" O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4 O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2AR1241405SY:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: Verzenden naar Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: Verzenden naar Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU) O9 - Extra 'Tools' menuitem: Verzenden naar Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - (no file) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: ExpressCache - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\windows\SysWOW64\irstrtsv.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Lenovo Smart Update Service - Lenovo - C:\Program Files (x86)\Lenovo\Lenovo Smart Update\Lenovo Smart Update Service.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Malwarebytes Anti-Exploit Service (MbaeSvc) - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: Online Armor Helper Service (OAcat) - Unknown owner - C:\Program Files (x86)\Online Armor\OAcat.exe O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: Online Armor (SvcOnlineArmor) - Unknown owner - C:\Program Files (x86)\Online Armor\oasrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\michiel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\michiel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Michiel_2\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Michiel_2\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\michiel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Michiel_2\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=361 folders=126 105069137 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\michiel\AppData\Local\Temp emptied successfully C:\Users\Michiel_2\AppData\Local\Temp will be emptied at reboot C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\MICHIE~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Michiel_2\AppData\Local\AVG SafeGuard toolbar" not found ==== EOF on za 12/07/2014 at 1:04:26,65 ======================