Zoek.exe v5.0.0.0 Updated 27-09-2014 Tool run by michiel on 29/09/2014 at 22:31:21.70. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\michiel\Desktop\zoek.exe [Scan all users] [Checkboxes used] ==== System Restore Info ====================== 29/09/2014 22:38:45 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Windows\SysWOW64\ACEngSvr.exe C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe C:\Users\michiel\AppData\Local\Akamai\netsession_win.exe C:\Users\michiel\AppData\Local\Akamai\netsession_win.exe C:\Users\michiel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe C:\Users\michiel\Desktop\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\q3thlucm.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_092014_2245_.backup ProfilePath: C:\Users\michiel\AppData\Roaming\Mozilla\Firefox\Profiles\h0rcpohr.default user.js not found ---- Lines snap.do removed from prefs.js ---- user_pref("extensions.helperbar.externalJsFiles", "{\"d\":\"[{\\\"ExcludeDomains\\\":[\\\"snap.do\\\",\\\"snapdo.com\\\",\\\"www.only-apartments.es\\\ ---- Lines snapdo removed from prefs.js ---- user_pref("keyword.URL", "http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uy24NiqVqYlCKedguhd0iCMGePuqKt9l5SyD_1Rz9XZiIg8Svq-fW7kp3JreITu ---- Lines helperbar removed from prefs.js ---- user_pref("extensions.helperbar.backPageCapacity", 3); user_pref("extensions.helperbar.backPageCounter", 0); user_pref("extensions.helperbar.backPageDay", 11); user_pref("extensions.helperbar.backPageLastEvent", "1399638792714"); user_pref("extensions.helperbar.backPageMinInterval", 15); user_pref("extensions.helperbar.barcodeid", "47360"); user_pref("extensions.helperbar.countryiso", "be"); user_pref("extensions.helperbar.DockingPositionDown", false); user_pref("extensions.helperbar.downloadprovider", "somoto"); user_pref("extensions.helperbar.fromautoupdate", "false"); user_pref("extensions.helperbar.installationid", "fa21dce5-18d4-053a-93e4-4b3cb8aec6e4"); user_pref("extensions.helperbar.installdate", "11/05/2014"); user_pref("extensions.helperbar.keepAliveLastevent", "1399811591"); user_pref("extensions.helperbar.lastExternalJsUpdate", "1399811594782"); user_pref("extensions.helperbar.publisher", "somoto"); user_pref("extensions.helperbar.SmartbarDisabled", false); user_pref("extensions.helperbar.SmartbarStateMinimaized", false); user_pref("extensions.helperbar.Visibility", false); ---- FireFox user.js and prefs.js backups ---- prefs_092014_2245_.backup ==== Deleting Files \ Folders ====================== C:\Users\michiel\.android deleted C:\PROGRA~3\APN deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\END deleted C:\WINDOWS\SysNative\config\systemprofile\Searches deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 6022 MB CPU Info: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz CPU Speed: 2397.6 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | NVIDIA GeForce GT 635M Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Realtek PCIe GBE Family-controller | Qualcomm Atheros AR9485 Wireless-netwerkadapter CD / DVD Drives: 1x (E: | ) E: Slimtype DVD A Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 279.0GB | D: 397.9GB Hard Disks - Free: C: 179.8GB | D: 397.7GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | | _ASUS_ - 1072009 Time Zone: Romance (standaardtijd) Motherboard *: ASUSTeK COMPUTER INC. K75VJ Country: United Kingdom Language: ENG ==== System Specs (Software) ====================== Anti-Virus: Bitdefender Antivirus On-access scanning disabled (Outdated) Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Spyware: Bitdefender Antispyware disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Firefox 32.0.3 Internet Explorer Version: 11.0.9600.17278 Mozilla Firefox version: 32.0.3 (x86 nl) Adobe Reader version: 11.0.9.29 Flash Player version: 15.0.0.152 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2014-09-14 21:31:21 ACDBE1ED38167C8B01B8F63161BB2CEA 2374784 ----a-w- C:\WINDOWS\explorer.exe ====== C:\Users\michiel\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2014-09-16 04:35:37 CA573004E12C7D5F474D3614F5532074 706016 ----a-w- C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-09-16 04:35:37 0F945C84360FA65F1B074DB471730E34 105440 ----a-w- C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== ====== C:\WINDOWS\Sysnative\drivers ===== 2014-09-16 18:02:31 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_User_LocationProvider_01_11_00.Wdf 2014-09-14 21:30:51 FEBAA7D782E30882FFF1CBCBBE8AD467 2515264 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys 2014-09-14 21:30:46 6416E79A58A8FCC33A447A4DDDD3BF04 412160 ----a-w- C:\WINDOWS\Sysnative\drivers\srv.sys 2014-09-14 21:30:45 038C77D577900EE39410662478BB0D50 2009920 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys 2014-09-14 21:30:44 77E1D08EF3BFB923F2EDC3FC8089E08E 475968 ----a-w- C:\WINDOWS\Sysnative\drivers\netio.sys 2014-09-14 21:30:44 5BED3AB69797C8786EF70AEA8C33748B 674816 ----a-w- C:\WINDOWS\Sysnative\drivers\srv2.sys 2014-09-14 21:30:42 240C5C3793206725AA05665851E8C214 412992 -c--a-w- C:\WINDOWS\Sysnative\drivers\spaceport.sys 2014-09-14 21:30:40 FF78D053A05E5A394F4E3C1816CC65A8 143680 -c--a-w- C:\WINDOWS\Sysnative\drivers\usbccgp.sys 2014-09-14 21:30:40 64CA2B4A49A8EAF495E435623ECCE7DB 310080 -c--a-w- C:\WINDOWS\Sysnative\drivers\volsnap.sys 2014-09-14 21:30:37 65392F3F3F65E4C6CC82A0F4F8A0B051 468288 -c--a-w- C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS 2014-09-14 21:30:36 D047CD668E6277FD80F0C613946F034C 246272 ----a-w- C:\WINDOWS\Sysnative\drivers\srvnet.sys 2014-09-14 21:30:36 26ACA481FAFEC59FE311D719E3027BBA 446976 ----a-w- C:\WINDOWS\Sysnative\drivers\nwifi.sys 2014-09-14 21:30:35 FEF0BC107812B36849741C3211BA6B60 419648 -c--a-w- C:\WINDOWS\Sysnative\drivers\usbhub.sys 2014-09-14 21:30:32 9C096BF5E10CA8BFA56F32522A89FAF1 79872 ----a-w- C:\WINDOWS\Sysnative\drivers\IPMIDrv.sys 2014-09-14 21:30:31 E4B4BE2D7750849C07589DA0B0AABA01 1118040 ----a-w- C:\WINDOWS\Sysnative\drivers\ndis.sys 2014-09-14 21:30:30 D4B7ED39C7900384D9E5C1283F1E7926 76800 -c--a-w- C:\WINDOWS\Sysnative\drivers\hdaudbus.sys 2014-09-14 21:30:30 C910E5D18958914A66F0E45689D0B40A 206848 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb20.sys 2014-09-14 21:30:30 B1AA3B19A2E596A59224F893E01A5A75 126464 ----a-w- C:\WINDOWS\Sysnative\drivers\NdisImPlatform.sys 2014-09-14 21:30:29 E0927EFA25D473367C3341B9F5969779 115712 ----a-w- C:\WINDOWS\Sysnative\drivers\bridge.sys 2014-09-14 21:30:26 91ED124E261EA8FAA1C0FFDF2A71B0C4 280384 -c--a-w- C:\WINDOWS\Sysnative\drivers\pci.sys 2014-09-14 21:30:26 1DD05F4857C2188744B9E864658949DD 295424 ----a-w- C:\WINDOWS\Sysnative\drivers\ks.sys 2014-09-14 21:23:11 8DF1254093B5C354CE725EB6B9B0DE19 146752 ----a-w- C:\WINDOWS\Sysnative\drivers\msgpioclx.sys ====== C:\WINDOWS\Tasks ====== 2014-09-27 18:10:17 B215DD18028D5FF35CCF9C788E34697E 3464 ----a-w- C:\WINDOWS\Sysnative\Tasks\{7592056E-4528-43BE-B4AD-DD7BC49BB843} ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2014-09-29 17:00:04 -------- d-----w- C:\Program Files\trend micro 2014-09-27 18:13:15 -------- d-----w- C:\Program Files\Microsoft Office 15 2014-09-05 09:15:16 -------- d-----w- C:\Program Files\gs ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\michiel\AppData\Roaming ====== 2014-09-28 19:56:58 -------- d-----w- C:\Users\Gast\AppData\Roaming\WebStorage 2014-09-28 19:49:27 -------- d-----w- C:\Users\Gast\AppData\Roaming\Mozilla 2014-09-28 19:49:27 -------- d-----w- C:\Users\Gast\AppData\Local\Mozilla 2014-09-28 19:47:46 -------- d-----w- C:\Users\Gast\AppData\Roaming\ClassicShell 2014-09-28 19:47:26 -------- d-----w- C:\Users\Gast\AppData\Roaming\Bitdefender 2014-09-28 19:47:24 B27C186BB3FBCE9EB723B9692B751D37 401 ----a-w- C:\Users\Gast\AppData\Roaming\sp_data.sys 2014-09-28 19:47:03 -------- d-----r- C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-09-28 19:47:03 -------- d-----r- C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-09-28 19:46:53 -------- d-----w- C:\Users\Gast\AppData\Roaming\Adobe 2014-09-28 19:46:52 -------- d-----w- C:\Users\Gast\AppData\Local\Packages 2014-09-28 19:46:49 -------- d-s---w- C:\Users\Gast\AppData\Locallow\Microsoft 2014-09-28 19:46:48 -------- d-----w- C:\Users\Gast\AppData\Local\VirtualStore 2014-09-28 19:46:48 -------- d-----w- C:\Users\Gast\AppData\Local\ASUS 2014-09-28 19:46:44 -------- d-s---w- C:\Users\Gast\AppData\Roaming\Microsoft 2014-09-28 19:46:44 -------- d-----w- C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-09-28 19:46:44 -------- d-----w- C:\Users\Gast\AppData\Local\Temp 2014-09-28 19:46:44 -------- d-----w- C:\Users\Gast\AppData\Local\Microsoft 2014-09-28 19:46:44 -------- d-----r- C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-09-28 19:46:44 -------- d-----r- C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-09-28 19:46:44 -------- d-----r- C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-09-27 18:57:59 -------- d-----w- C:\Users\michiel\AppData\Local\ElevatedDiagnostics 2014-09-04 07:58:44 -------- d-----w- C:\Users\michiel\AppData\Local\Diagnostics ====== C:\Users\michiel ====== 2014-09-29 16:57:20 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\michiel\Downloads\RSITx64.exe 2014-09-28 19:47:03 -------- d-----r- C:\Users\Gast\Searches 2014-09-28 19:47:03 -------- d-----r- C:\Users\Gast\Contacts 2014-09-28 19:46:46 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Gast\ntuser.ini 2014-09-28 19:46:44 -------- d--h--w- C:\Users\Gast\AppData 2014-09-28 19:46:44 -------- d-----r- C:\Users\Gast\Videos 2014-09-28 19:46:44 -------- d-----r- C:\Users\Gast\Saved Games 2014-09-28 19:46:44 -------- d-----r- C:\Users\Gast\Pictures 2014-09-28 19:46:44 -------- d-----r- C:\Users\Gast\Music 2014-09-28 19:46:44 -------- d-----r- C:\Users\Gast\Links 2014-09-28 19:46:44 -------- d-----r- C:\Users\Gast\Favorites 2014-09-28 19:46:44 -------- d-----r- C:\Users\Gast\Downloads 2014-09-28 19:46:44 -------- d-----r- C:\Users\Gast\Documents 2014-09-28 19:46:44 -------- d-----r- C:\Users\Gast\Desktop 2014-09-27 19:55:21 F5636BC81162F8863D0B2318F07208AF 1919064 ----a-w- C:\Users\michiel\Downloads\BitTorrent.exe 2014-09-27 18:14:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2014-09-27 18:13:02 AD7AB03B57B3A6D5479BA486859B7D05 1056440 ----a-w- C:\Users\michiel\Downloads\Setup.X86.nl-nl_O365ProPlusRetail_4dc2db24-4604-4e2e-a79e-8274929e7aff_TX_PR_(1).exe 2014-09-27 18:09:00 AD7AB03B57B3A6D5479BA486859B7D05 1056440 ----a-w- C:\Users\michiel\Downloads\Setup.X86.nl-nl_O365ProPlusRetail_4dc2db24-4604-4e2e-a79e-8274929e7aff_TX_PR_.exe ====== C: exe-files == 2014-09-29 16:57:20 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\michiel\Downloads\RSITx64.exe 2014-09-27 19:55:21 F5636BC81162F8863D0B2318F07208AF 1919064 ----a-w- C:\Users\michiel\Downloads\BitTorrent.exe 2014-09-27 18:20:37 D741359CAD4ED3D90BE624E48B60C47B 217768 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\MSOXMLED.EXE 2014-09-27 18:20:28 A0025CFA1A6FEE1D5F53D31F8AA8242D 28296 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\DCF\Common.DBConnection64.exe 2014-09-27 18:20:25 13ACDC68FAD1BE0E6E44A47E0EB5C475 842440 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\DW20.EXE 2014-09-27 18:20:12 66EDCE45573F8673DF9379F119CFE343 90720 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\MSOHTMED.EXE 2014-09-27 18:20:10 FE9C0029E1AF26350D9985D00520E5C8 5132888 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 2014-09-27 18:20:09 BE9C758721B33A78BC656C46C319AEE6 15968 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Smart Tag\SmartTagInstall.exe 2014-09-27 18:20:06 2661516FC0165AFDA792B6148FA4DB79 95184 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\110\SQLDumper.exe 2014-09-27 18:20:02 69E59604C31620F415708DED300D3D1E 705192 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\DCF\SPREADSHEETCOMPARE.EXE 2014-09-27 18:19:53 0CF56A130CB5DA4FF6D16B3461074400 14928 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\DCF\Common.ShowHelp.exe 2014-09-27 18:19:44 167E713975F87CFDC5F05D5ED08FBD85 7651536 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CMigrate.exe 2014-09-27 18:19:36 A789DDA5192980D81DBB01D55811DEA9 49848 ----a-w- C:\Program Files\Microsoft Office 15\root\flattener\Flattener.exe 2014-09-27 18:19:35 B9E8AE87F0DEDB2E6C164E4BFEA02E7C 39576 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\AppSharingHookController64.exe 2014-09-27 18:19:20 6877C98E14A0356DBEFC11AD7C30AB1D 28784 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\DCF\Common.DBConnection.exe 2014-09-27 18:19:04 28F928C86873B30E508C3D4C976495AE 199760 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\DCF\filecompare.exe 2014-09-27 18:19:03 A586C54F21EF129FBFB9F9ECF5CC96E6 281768 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\DCF\DATABASECOMPARE.EXE 2014-09-27 18:18:55 AD6502512DAB0512295F9051514343BB 474336 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\DWTRIG20.EXE 2014-09-27 18:18:52 96EA29F53F0475C4189008DFA22A89C3 6077128 ----a-w- C:\Program Files\Microsoft Office 15\root\Integration\OneDriveSetup.exe 2014-09-27 18:18:44 3C283C1BFA1D88C2D4D52148CE62A7C7 543360 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\EQUATION\EQNEDT32.EXE 2014-09-27 18:18:42 30B5F9FB0C35AE6B4A0851D24CE2EE8B 150600 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Source Engine\OSE.EXE 2014-09-27 18:16:30 8FF1A393FD0CF4E888C4EBC73AF4F252 590536 ----a-w- C:\Program Files\Microsoft Office 15\root\Integration\Integrator.exe 2014-09-27 18:16:28 C419E73483ADA429BF4693D77CE49279 145056 ----a-w- C:\Program Files\Microsoft Office 15\root\client\AppVDllSurrogate64.exe 2014-09-27 18:16:28 B950312617FB5EE9DD30C6A9B3B6EADE 311552 ----a-w- C:\Program Files\Microsoft Office 15\root\client\AppVLP.exe 2014-09-27 18:16:28 33DFE1A4E0072E6815D653AABC0A8444 124072 ----a-w- C:\Program Files\Microsoft Office 15\root\client\AppVDllSurrogate32.exe 2014-09-27 18:14:17 F9E4B109A9D327D1239E491E29578A2E 550584 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\MSOSQM.EXE 2014-09-27 18:14:17 F79A490D9614CA9B8FC23409AF817EBA 5624016 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CMigrate.exe 2014-09-27 18:14:17 E8E3518A752004AF04B9BE7BCB1B8420 207008 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\MSOXMLED.EXE 2014-09-27 18:14:17 D40360ABC2BB38EE202F145CAF204E99 614568 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\MSOICONS.EXE 2014-09-27 18:14:17 5EFF8107B969FFED8FD43CF784E3041A 1090768 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe 2014-09-27 18:14:17 1FA58353814828F9B3D31CB01BFFCE6D 81648 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE 2014-09-27 18:14:17 1A46825F604C22732FC882D06A70D473 150704 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\FLTLDR.EXE 2014-09-27 18:13:26 FFB06B4DA29F53FC3EBC4375D3E8143E 6484136 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\lynchtmlconv.exe 2014-09-27 18:13:26 F74059079C0B2765D65F441A088A27EE 87240 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\NAMECONTROLSERVER.EXE 2014-09-27 18:13:26 F5D36DD4F4954883E1C3FF45FD2CA245 21931672 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\excelcnv.exe 2014-09-27 18:13:26 EA57B55845B2BCF7E41886916DCB1704 1783968 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\INFOPATH.EXE 2014-09-27 18:13:26 E2CD290381C86BE22C0628FBD17FE0C8 517360 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\IEContentService.exe 2014-09-27 18:13:26 D679931089526AF06B9D15A8A44EB53F 228544 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\CLVIEW.EXE 2014-09-27 18:13:26 CA7EB396E5D8618855A87C1E51072E7B 1923224 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE 2014-09-27 18:13:26 BCDBD0DCD1A079CE468DA0E881F3C767 4522688 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\GRAPH.EXE 2014-09-27 18:13:26 BAEA09EE9DEFB8A3935DB5EE0CF4A0F0 3748008 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ACCICONS.EXE 2014-09-27 18:13:26 A8DC5CC29AD3B5608C4028A2FC64B8FD 3015336 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\WORDICON.EXE 2014-09-27 18:13:26 A26A02BE800686B88F69B76BE5EC7326 3509416 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\PPTICO.EXE 2014-09-27 18:13:26 9FBDB0A7CE69D8B0AAB0A613554F0DF0 8603832 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\GROOVE.EXE 2014-09-27 18:13:26 98D3A7B6EC8360577B8E5FBD413FA713 153248 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\CNFNOT32.EXE 2014-09-27 18:13:26 8F2576BF4A07EDC6EB475ED0D9AF6A15 569584 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ORGCHART.EXE 2014-09-27 18:13:26 89FCD7CB454386CEDEB5DFF98637830A 50392 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\SETLANG.EXE 2014-09-27 18:13:26 866F5B7DE44901934A3F020C6FEB9E97 40680 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\SCANPST.EXE 2014-09-27 18:13:26 80C830207A104F6C1BDE91D0D86D8685 195240 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE 2014-09-27 18:13:26 7EB78DC7EEAAFE9ECD788D1CCBC8EFAB 22592 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\Wordconv.exe 2014-09-27 18:13:26 7BA52235E256DC309D5E808B6C358FDE 3685544 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\XLICONS.EXE 2014-09-27 18:13:26 5D033FD42AEEDF2694295B267F28538F 280232 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msoia.exe 2014-09-27 18:13:26 587CD7A6BB885BA952D174872E4ED899 33968 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msoev.exe 2014-09-27 18:13:26 584A238B8BB7FD8AC6C89362941AA514 33440 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\AppSharingHookController.exe 2014-09-27 18:13:26 54571FBCF53B33B8AD89C86FDFDF5CFA 449216 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE 2014-09-27 18:13:26 4E28F3BDCF66DEB0C3E9E2D6A8BBFBEE 18945704 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE 2014-09-27 18:13:26 4DEEDF0559E2A5E8A3B32220975A490B 497848 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSOUC.EXE 2014-09-27 18:13:26 4C3B97A5E937EA214096F4DF33D34FE3 700064 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSQRY32.EXE 2014-09-27 18:13:26 4BCE37BACBAB333187BB6E0F0B9F4C43 9597096 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\PDFREFLOW.EXE 2014-09-27 18:13:26 4ACD864F48B46E30A15434F5BC69D0A9 18998936 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\lync.exe 2014-09-27 18:13:26 4883FFDFC482CE29D50E34750C592C22 528576 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\VPREVIEW.EXE 2014-09-27 18:13:26 3B3EBE7EE88DC7C3B35E6672F764EC37 10760352 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSPUB.EXE 2014-09-27 18:13:26 3A2C7CE18457029CC91BDE20281FA9CD 1026728 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\misc.exe 2014-09-27 18:13:26 32FE71AE4EE91571815CE2AE25613827 33976 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msotd.exe 2014-09-27 18:13:26 3174547EDDEC82C303A1BB4D1F47D1D0 1296080 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\OcPubMgr.exe 2014-09-27 18:13:26 2ECE1C04DD7280A82A0EC1A259016B54 874160 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\protocolhandler.exe 2014-09-27 18:13:26 2BF5543B4CAE1EF8EA8FAFB81BF7B2E8 665248 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\UcMapi.exe 2014-09-27 18:13:26 1F081FC968D71544B5692178607FD682 991904 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\FIRSTRUN.EXE 2014-09-27 18:13:26 1B9CE92B611FFB9304405248D541A837 480984 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\SELFCERT.EXE 2014-09-27 18:13:26 1A85EEDAB6D5F89864FE1A9F5F11457F 1846960 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\POWERPNT.EXE 2014-09-27 18:13:26 18B22B1B507B4ED6F4A0DBF68198D394 25705120 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE 2014-09-27 18:13:26 18605ECCA0701DBC114739A8E58E0626 15518888 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSACCESS.EXE 2014-09-27 18:13:26 182315495531E8395EDA537739C87460 72384 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSOHTMED.EXE 2014-09-27 18:13:26 03DED553CB47ECF6C87A9DF0A17391EA 1762976 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ONENOTE.EXE 2014-09-27 18:13:19 F9362E1DBABA93E104B0ECDA6D5C7012 90280 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\perfboost.exe 2014-09-27 18:13:18 C5BF5684F342C194120B4587E125CC00 205472 ----a-w- C:\Program Files\Microsoft Office 15\ClientX64\AppVShNotify.exe 2014-09-27 18:13:18 8D8D475017ACA6960DBC150C1391B7B9 249000 ----a-w- C:\Program Files\Microsoft Office 15\ClientX64\mavinject32.exe 2014-09-27 18:13:15 EDAD3D6932E4CB7D92F19FEE0238C29D 2428088 ----a-w- C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe 2014-09-27 18:13:15 C5B220E9B4552D7C282CF605EAC5576E 867520 ----a-w- C:\Program Files\Microsoft Office 15\ClientX64\officec2rclient.exe 2014-09-27 18:13:15 55E59C8A534CAA8C86E5FE4B048E5777 849120 ----a-w- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe 2014-09-27 18:13:15 19CE32F5C6F9437C8402E04E4B938C7E 1460896 ----a-w- C:\Program Files\Microsoft Office 15\ClientX64\appvcleaner.exe 2014-09-27 18:13:02 AD7AB03B57B3A6D5479BA486859B7D05 1056440 ----a-w- C:\Users\michiel\Downloads\Setup.X86.nl-nl_O365ProPlusRetail_4dc2db24-4604-4e2e-a79e-8274929e7aff_TX_PR_(1).exe 2014-09-27 18:09:00 AD7AB03B57B3A6D5479BA486859B7D05 1056440 ----a-w- C:\Users\michiel\Downloads\Setup.X86.nl-nl_O365ProPlusRetail_4dc2db24-4604-4e2e-a79e-8274929e7aff_TX_PR_.exe === C: other files == 2014-09-28 19:47:24 B27C186BB3FBCE9EB723B9692B751D37 401 ----a-w- C:\Users\Gast\AppData\Roaming\sp_data.sys 2014-09-27 18:13:26 B23995F0EBBD2EA8936CD30C3D33AF90 11528 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\System.Windows.Controls.Theming.Toolkit.zip 2014-09-27 18:13:26 66E7D4318253AD7EB4C5807F8F8F1DC3 86440 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\Ocomprivate.zip 2014-09-27 18:13:26 59634C7CA5ED0E9021EA004B00AE0C00 70525 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\Microsoft.Lync.Utilities.zip 2014-09-27 18:13:26 4F51304540C11D43F8EDEF3B7E2D6AE3 85318 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\Microsoft.Lync.Model.zip 2014-09-27 18:13:26 2125F8133833C5EE7B5AEBBEAE2DFCCC 28804 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\Microsoft.Lync.Utilities.Controls.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" "Bitdefender Wallet"="C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard" "Bitdefender Wallet Application Agent"="C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" [HKEY_USERS\S-1-5-21-903366808-2053774630-2569712142-1002\Software\Microsoft\Windows\CurrentVersion\Run] "Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" "Bitdefender Wallet Application Agent"="C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" "Akamai NetSession Interface"="C:\Users\michiel\AppData\Local\Akamai\netsession_win.exe" "HP Photosmart 5510 series (NET)"="C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe -deviceID CN1CF2461505NR:NW -scfn HP Photosmart 5510 series (NET) -AutoStart 1" "Spotify"="C:\Users\michiel\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "Spotify Web Helper"="C:\Users\michiel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" "Bitdefender Wallet"="C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard" "Bitdefender Wallet Application Agent"="C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" "WebStorage"="C:\Program Files (x86)\ASUS\WebStorage\2.1.1.265\ASUSWSLoader.exe" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" "Bitdefender Wallet Application Agent"="C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" "Akamai NetSession Interface"="C:\Users\michiel\AppData\Local\Akamai\netsession_win.exe" "HP Photosmart 5510 series (NET)"="C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe -deviceID CN1CF2461505NR:NW -scfn HP Photosmart 5510 series (NET) -AutoStart 1" "Spotify"="C:\Users\michiel\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "Spotify Web Helper"="C:\Users\michiel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" "Persistence"="C:\WINDOWS\system32\igfxpers.exe" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "AuditSHD"="C:\windows\system32\oobe\auditshd.exe" "ACMON"="C:\Program Files (x86)\ASUS\Splendid\ACMON.exe" "Classic Start Menu"="C:\Program Files\Classic Shell\ClassicStartMenu.exe -autorun" "Bdagent"="C:\Program Files\Bitdefender\Bitdefender\bdagent.exe" "Autodesk Sync"="C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll" ==== Startup Folders ====================== 2014-05-06 20:45:00 1948 ----a-w- C:\Users\michiel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Photosmart 5510 series (netwerk).lnk 2014-04-25 14:11:25 2062 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/09/2014 19:25] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\ASUS InstantOn Config" [C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe] "C:\WINDOWS\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe] "C:\WINDOWS\SysNative\tasks\ASUS P4G" [C:\Program Files\ASUS\P4G\BatteryLife.exe] "C:\WINDOWS\SysNative\tasks\ASUS Touchpad Launcher (x64)" [C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe] "C:\WINDOWS\SysNative\tasks\ASUS USB Charger Plus" ["C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"] "C:\WINDOWS\SysNative\tasks\HPCustParticipation HP Photosmart 5510 series" ["C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe"] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{FE954079-E869-43B7-B4D8-B0DA688B5C5C}" [C:\WINDOWS\system32\msfeedssync.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "ffpwdman@bitdefender.com"="C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman" [22/04/2014 15:12] ==== Firefox Extensions ====================== ProfilePath: C:\Users\michiel\AppData\Roaming\Mozilla\Firefox\Profiles\h0rcpohr.default - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\michiel\AppData\Roaming\Mozilla\Firefox\Profiles\h0rcpohr.default D6ED6EB98E759460AD8C66DE23070132 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll - Microsoft Office 2013 18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013 DFC9460CC37E5C414DC4680B10C19E7A - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions ccahoghmggldkcdjiebjkidpfongdfbl - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx[03/03/2014 14:59] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Use Search Asst"="yes" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uy24NiqVqYlCKedguhd0iCMGePuqKt9l5SyD_1Rz9XZiIg8Svq-fW7kp3JreITuKRwf9OcNytiFoW4hFEnZMunlWaS06qiDgD3GhiGgWLH0haRpuuoRJ5yvYDMh9L0NvhMNhZujbZr9e2fD0G_g,,&q={searchTerms}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Use Search Asst"="no" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyServer"="http=127.0.0.1:49525;https=127.0.0.1:49525" "ProxyOverride"="<-loopback>;" "ProxyEnable"=dword:00000001 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.1.1.265\ASUSWSLoader.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" O4 - HKCU\..\Run: [Bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\michiel\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [HP Photosmart 5510 series (NET)] "C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1CF2461505NR:NW" -scfn "HP Photosmart 5510 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [Spotify] "C:\Users\michiel\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\michiel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKUS\S-1-5-18\..\Run: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [Bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" (User 'Default user') O4 - Startup: Inktwaarschuwingen controleren - HP Photosmart 5510 series (netwerk).lnk = ? O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe O23 - Service: Asus WebStorage Windows Service - ASUS Cloud Corporation - C:\Program Files (x86)\ASUS\WebStorage\2.1.1.265\AsusWSWinService.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender\vsserv.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\michiel\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\michiel\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=7 folders=4 47816 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Gast\AppData\Local\Temp emptied successfully C:\Users\michiel\AppData\Local\Temp will be emptied at reboot C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\michiel\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on 29/09/2014 at 22:54:03.40 ======================