Zoek.exe v5.0.0.0 Updated 26-10-2014 Tool run by giuseppe on zo 26/10/2014 at 20:55:05,99. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\giuseppe\Desktop\Computer\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 26/10/2014 20:58:52 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~3\Babylon deleted successfully C:\PROGRA~3\ProductData deleted successfully C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully C:\Users\giuseppe\AppData\Roaming\Media Player Classic deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1687350831-1530992600-3121883764-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully HKEY_USERS\S-1-5-21-1687350831-1530992600-3121883764-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully HKEY_USERS\S-1-5-21-1687350831-1530992600-3121883764-1002\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-1687350831-1530992600-3121883764-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-1687350831-1530992600-3121883764-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-1687350831-1530992600-3121883764-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully 
HKEY_USERS\S-1-5-21-1687350831-1530992600-3121883764-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-1687350831-1530992600-3121883764-1002\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-1687350831-1530992600-3121883764-1002\Software\Microsoft\Internet Explorer\SearchScopes\{8497805C-9823-4B5A-A6C3-45001BD15DDD} deleted successfully HKEY_USERS\S-1-5-21-1687350831-1530992600-3121883764-1002\Software\Microsoft\Internet Explorer\SearchScopes\{A1335F95-804C-4B91-9EC0-FB7153D2E275} deleted successfully HKEY_USERS\S-1-5-21-1687350831-1530992600-3121883764-1002\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6} deleted successfully HKEY_CLASSES_ROOT\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully 
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_CLASSES_ROOT\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully ==== Running Processes ====================== C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Program Files (x86)\PC Speed Up\PCSUService.exe C:\Program Files (x86)\AVG\AVG2015\avgfws.exe C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe C:\Program Files (x86)\PHotkey\PHotkey.exe C:\Program Files (x86)\PHotkey\MsgTranAgt.exe C:\Program Files (x86)\PHotkey\POSD.exe C:\Program Files 
(x86)\PHotkey\GPMTray.exe C:\Program Files (x86)\PHotkey\HCSynApi.exe C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Users\giuseppe\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\giuseppe\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\giuseppe\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\WINDOWS\SysWOW64\ctfmon.exe C:\Users\giuseppe\Desktop\Computer\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\DllHost.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DefaultTabSearch deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.1.9 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCSUService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\70e6ca8c deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command] @="C:\\Program Files\\Internet Explorer\\iexplore.exe" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "bProtector Start Page"=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "bProtectorDefaultScope"=- ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SearchProtection"=- "Browser Extensions"=- [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "vProt"=- ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\DefaultTab not found C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found C:\ProgramData\WindowsMangerProtect not found C:\Program Files (x86)\Optimizer Pro not found C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} not found C:\ProgramData\tpuerfecttccoupoen deleted C:\Users\giuseppe\AppData\Roaming\Browser Extensions deleted C:\Program Files (x86)\Common Files\DVDVideoSoft deleted C:\Users\giuseppe\AppData\Roaming\Search Protection deleted C:\ProgramData\CheapCoupon deleted C:\ProgramData\4a0b40ca4a8ce483 deleted C:\Users\giuseppe\AppData\Roaming\Optimizer Pro deleted C:\Users\giuseppe\AppData\Roaming\ProductData deleted C:\PROGRA~2\FLVM Player deleted C:\PROGRA~2\PC Speed Up deleted C:\PROGRA~2\RegClean Pro deleted C:\PROGRA~2\COMMON~1\AVG Secure Search deleted C:\Users\giuseppe\AppData\Roaming\DVDVideoSoftIEHelpers deleted 
C:\Users\giuseppe\AppData\Roaming\BabSolution deleted C:\Users\giuseppe\AppData\Roaming\Babylon deleted C:\Users\giuseppe\AppData\Roaming\Systweak deleted C:\Users\giuseppe\AppData\Roaming\OpenCandy deleted C:\PROGRA~3\AVG Secure Search deleted C:\Users\giuseppe\AppData\Local\AVG Secure Search deleted C:\Users\giuseppe\AppData\Local\Systweak deleted C:\Users\giuseppe\AppData\Local\CrashRpt deleted C:\Users\giuseppe\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Up deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Users\giuseppe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLVM Player deleted C:\WINDOWS\SysNative\roboot64.exe deleted C:\windows\SysNative\Tasks\LaunchApp deleted C:\windows\SysNative\Tasks\PC SpeedUp Service Deactivator deleted C:\WINDOWS\Tasks\PC SpeedUp Service Deactivator.job deleted C:\Users\giuseppe\Downloads\FreeYouTubeToMP3Converter (1).exe deleted C:\Users\giuseppe\Downloads\FreeYouTubeToMP3Converter.exe deleted C:\Users\giuseppe\Downloads\SoftonicDownloader_voor_windows-media-player-10.exe deleted C:\Users\giuseppe\AppData\LocalLow\AVG Secure Search deleted C:\WINDOWS\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted C:\WINDOWS\wininit.ini deleted C:\windows\SysNative\Tasks\EPUpdater deleted C:\windows\SysNative\tasks\Optimizer Pro Schedule deleted C:\windows\SysNative\tasks\DTReg deleted C:\windows\SysNative\tasks\RegClean Pro deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\GPT.INI deleted C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted C:\WINDOWS\SysWow64\searchplugins deleted C:\WINDOWS\SysWow64\Extensions deleted C:\Users\giuseppe\Documents\Optimizer Pro deleted C:\Users\giuseppe\Documents\PCSpeedUp deleted "C:\PROGRA~2\AVG Secure Search\TBAPI.dll" deleted "C:\PROGRA~2\AVG Secure Search\TBAPI.dll" 
deleted "C:\PROGRA~2\Windows Portable Devices" deleted "C:\PROGRA~2\AVG Secure Search" not deleted "C:\PROGRA~2\AVG Secure Search" not deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 3978 MB CPU Info: Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz CPU Speed: 2568,3 MHz Sound Card: Speakers (Realtek High Definiti | Realtek Digital Output (Realtek | Display Adapters: Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | NVIDIA GeForce GT 635M Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Bluetooth-apparaat (Personal Area Network) | Intel(R) Centrino(R) Wireless-N 2230 | Realtek PCIe GBE Family-controller CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW SN-208BB Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 869,4GB | D: 60,0GB Hard Disks - Free: C: 819,8GB | D: 41,4GB Manufacturer *: American Megatrends Inc. 
BIOS Info: AT/AT COMPATIBLE | | MEDION - 1 Time Zone: Romance (standaardtijd) Motherboard *: Medion Akoya P6638 Country: België Language: NLB ==== System Specs (Software) ====================== Anti-Virus: AVG Internet Security 2015 On-access scanning disabled (Outdated) Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG Internet Security 2015 disabled (Outdated) Firewall: AVG Internet Security 2015 disabled Default Browser: Google Chrome 37.0.2062.124 Internet Explorer Version: 11.0.9600.17278 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\Users\giuseppe\AppData\Local\Temp ==== 2014-10-21 19:17:44 848C92FE4CA42367B63875FF6789A858 5624256 ----a-w- C:\Users\giuseppe\AppData\Local\Temp\pcspeedup.exe 2014-10-21 18:13:17 72A828BB9A787017B1E9BAFF1694E7B9 1616928 ----a-w- C:\Users\giuseppe\AppData\Local\Temp\{416E71C1-D2F2-4D24-829D-9A02053FB096}\BrowserExtensionsSetup.exe 2014-10-19 09:30:21 9072CB27D5B2B44738CA5738315B3B50 1616176 ----a-w- C:\Users\giuseppe\AppData\Local\Temp\{58709F5C-B3DC-44A6-A649-754EAF36E1A9}\BrowserExtensionsSetup.exe 2014-10-17 17:31:34 C76B8E74F900E083712ADC5B597A05C3 339264 ----a-w- C:\Users\giuseppe\AppData\Local\Temp\5080\taskmgr.dll 2014-10-17 17:31:34 5C74AD321FDD45D4562F6F67D9A75C84 1145120 ----a-w- C:\Users\giuseppe\AppData\Local\Temp\5080\ProjectOnUninstall.exe ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== ====== C:\WINDOWS\Sysnative\drivers ===== ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2014-10-20 18:33:34 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\giuseppe\AppData\Roaming ====== 2014-10-21 16:17:12 -------- d-----w- C:\Users\giuseppe\AppData\Local\Avg2014 2014-10-19 18:06:01 -------- d-----w-
C:\Users\giuseppe\AppData\Roaming\AVG2015 2014-10-19 18:03:57 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\AVG2015 2014-10-19 18:03:02 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Avg2015 2014-10-19 17:59:30 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Avg 2014-10-19 17:59:09 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Avg2015 2014-10-19 17:55:15 -------- d-----w- C:\Users\giuseppe\AppData\Local\Avg2015 2014-09-26 20:43:18 -------- d-----w- C:\Users\Default\AppData\Roaming\IObit 2014-09-26 20:43:18 -------- d-----w- C:\Users\Default User\AppData\Roaming\IObit ====== C:\Users\giuseppe ====== 2014-10-26 08:25:05 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp 2014-10-23 19:18:03 0478ADC513968000E1F888ADE4EA83B6 4703560 ----a-w- C:\Users\giuseppe\Downloads\software_removal_tool.exe 2014-10-21 19:17:44 9C9CC9B0F81EF17AECF6F35B951FEFED 12527152 ----a-w- C:\Users\giuseppe\Desktop\mp10setupes.exe 2014-10-20 18:30:24 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\giuseppe\Downloads\RSITx64 (1).exe 2014-10-20 18:30:03 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\giuseppe\Desktop\RSITx64.exe 2014-10-19 17:59:20 -------- d-----w- C:\ProgramData\AVG2015 2014-10-17 18:53:45 A61CC6EF608CBA78AA799836814E801F 86080 ----a-w- C:\Users\giuseppe\Downloads\OpenOffice-4-0-1.exe ====== C: exe-files == 2014-10-26 19:47:13 EFEA2F10B4B5C2A73A1F57B161BEA449 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1687350831-1530992600-3121883764-1002\$IE2ITTZ.exe 2014-10-24 19:26:47 77ED3BFE03113FB4A2D674BC62080521 424248 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00006694\CoProc update.19000563.exe 2014-10-20 18:33:34 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\giuseppe.exe === C: other files == ==== Startup Registry Enabled ====================== 
[HKEY_USERS\S-1-5-21-1687350831-1530992600-3121883764-1002\Software\Microsoft\Windows\CurrentVersion\Run] "Facebook Update"="C:\Users\giuseppe\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "Google Update"="C:\Users\giuseppe\AppData\Local\Google\Update\GoogleUpdate.exe /c" "PCSpeedUp"="C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe" [HKEY_USERS\S-1-5-21-1687350831-1530992600-3121883764-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce] "WAB Migrate"="%ProgramFiles%\Windows Mail\wab.exe /Upgrade" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CLMLServer_For_P2G8"="C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" "CLVirtualDrive"="C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe /R" "RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" "YouCam Service"="C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe /s" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY" "Online Vault"="C:\Program Files (x86)\OnlineVault\OVTray.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Facebook Update"="C:\Users\giuseppe\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "Google Update"="C:\Users\giuseppe\AppData\Local\Google\Update\GoogleUpdate.exe /c" "PCSpeedUp"="C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\WINDOWS\\SysWOW64\\nvinit.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 " "BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll,TrayApp" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] 
"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll,C:\\WINDOWS\\system32\\nvinitx.dll" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1687350831-1530992600-3121883764-1002Core.job --a-------- C:\Users\giuseppe\AppData\Local\Facebook\Update\FacebookUpdate.exe [07/08/2013 16:47] C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1687350831-1530992600-3121883764-1002UA.job --a-------- [Undetermined Task] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1687350831-1530992600-3121883764-1002Core.job --a-------- [Undetermined Task] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1687350831-1530992600-3121883764-1002UA.job --a-------- [Undetermined Task] C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job --a-------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [21/09/2012 09:55] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe] "C:\WINDOWS\SysNative\tasks\DTChk" [C:\Users\Public\Util\DTChk.exe] "C:\WINDOWS\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1687350831-1530992600-3121883764-1002Core" [C:\Users\giuseppe\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\WINDOWS\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1687350831-1530992600-3121883764-1002UA" [C:\Users\giuseppe\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\WINDOWS\SysNative\tasks\Google Updater and Installer" [C:\Users\giuseppe\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1687350831-1530992600-3121883764-1002Core" [C:\Users\giuseppe\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1687350831-1530992600-3121883764-1002UA" [C:\Users\giuseppe\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\Synaptics TouchPad Enhancements" [\Program Files\Synaptics\SynTP\SynTPEnh.exe] 
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{2C4A5706-7CF6-4735-B8EE-5B960B1D44B5}" [C:\Windows\system32\msfeedssync.exe] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\giuseppe\AppData\Roaming\BabSolution\CR\Delta.crx[] kdidombaedgpfiiedeimiebkmbilgmlc - C:\Program Files (x86)\DefaultTab\DefaultTab.crx[] ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\\ChromeExt\\avg.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[] Online Chess Games - giuseppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdpiilochbpoemecaookclgloelkmdfc Delta Toolbar - giuseppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde Delicious Reloaded - giuseppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgplakhhiofpgplgbjgohnjfnkiafncd DVDVideoSoft - giuseppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp ==== Chromium Startpages ====================== C:\Users\giuseppe\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.doko-search.com/?babsrc=HP_ss_mib2&mntrId=403784A6C8F806A2&affID=121564&tsp=4951", "startup_urls": [ "http://istart.webssearches.com/?type=hp&ts=1411496226&from=slbnew&uid=ST1000LM024XHN-M101MBB_S2U5J9CCB60880" ], ==== Chromium Fix ====================== C:\Users\giuseppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully C:\Users\giuseppe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage deleted successfully C:\Users\giuseppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp deleted successfully 
C:\Users\giuseppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdpiilochbpoemecaookclgloelkmdfc deleted successfully C:\Users\giuseppe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cdpiilochbpoemecaookclgloelkmdfc_0.localstorage deleted successfully C:\Users\giuseppe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cdpiilochbpoemecaookclgloelkmdfc_0.localstorage-journal deleted successfully C:\Users\giuseppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgplakhhiofpgplgbjgohnjfnkiafncd deleted successfully C:\Users\giuseppe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jgplakhhiofpgplgbjgohnjfnkiafncd_0.localstorage deleted successfully C:\Users\giuseppe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jgplakhhiofpgplgbjgohnjfnkiafncd_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go2/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go2/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {B5EEE069-3E0A-4EDC-BEE7-7DB06B9E7705} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS" ==== shortcuts on Users Desktops ====================== C:\Users\Default\Desktop\ALDI Foto Service.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.aldifoto.be/nl C:\Users\Default\Desktop\ALDI Startpagina.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
http://aldi-bn.aldi.be/ C:\Users\Default\Desktop\ALDI Talk.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.medionmobile.be/ C:\Users\Default\Desktop\LIFESTORE.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.medion.com/lifestore C:\Users\Default\Desktop\MEDIONhome.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.medion.com/be/nl C:\Users\Default\Desktop\MEDIONmediathek.lnk - C:\Program Files (x86)\Mediathek\Medion Mediathek.exe C:\Users\Default\Desktop\Windows 8 Info.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.windows.com/getstarted C:\Users\Default User\Desktop\ALDI Foto Service.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.aldifoto.be/nl C:\Users\Default User\Desktop\ALDI Startpagina.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://aldi-bn.aldi.be/ C:\Users\Default User\Desktop\ALDI Talk.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.medionmobile.be/ C:\Users\Default User\Desktop\LIFESTORE.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.medion.com/lifestore C:\Users\Default User\Desktop\MEDIONhome.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.medion.com/be/nl C:\Users\Default User\Desktop\MEDIONmediathek.lnk - C:\Program Files (x86)\Mediathek\Medion Mediathek.exe C:\Users\Default User\Desktop\Windows 8 Info.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.windows.com/getstarted C:\Users\giuseppe\Desktop\ALDI Foto Service.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc&ts=1411496226&from=slbnew&uid=ST1000LM024XHN-M101MBB_S2U5J9CCB60880 C:\Users\giuseppe\Desktop\FLVM Player.lnk - C:\Program Files (x86)\FLVM Player\FLVMPlayer.exe C:\Users\giuseppe\Desktop\Google Chrome.lnk - C:\Users\giuseppe\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\giuseppe\Desktop\LIFESTORE.lnk - 
C:\Program Files (x86)\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc&ts=1411496226&from=slbnew&uid=ST1000LM024XHN-M101MBB_S2U5J9CCB60880 C:\Users\giuseppe\Desktop\MEDIONhome.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc&ts=1411496226&from=slbnew&uid=ST1000LM024XHN-M101MBB_S2U5J9CCB60880 C:\Users\giuseppe\Desktop\MEDIONmediathek.lnk - C:\Program Files (x86)\Mediathek\Medion Mediathek.exe C:\Users\giuseppe\Desktop\Windows 8 Info.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc&ts=1411496226&from=slbnew&uid=ST1000LM024XHN-M101MBB_S2U5J9CCB60880 ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe C:\Users\Public\Desktop\AVG 2015.lnk - C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe C:\Users\Public\Desktop\Microsoft Office.lnk - C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe ==== shortcuts in Users Start Menu ====================== C:\Users\giuseppe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc&ts=1411496226&from=slbnew&uid=ST1000LM024XHN-M101MBB_S2U5J9CCB60880 C:\Users\giuseppe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\giuseppe\AppData\Local\Google\Chrome\Application\chrome.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2015.lnk - C:\Program Files (x86)\AVG\AVG2015\avgui.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - 
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\giuseppe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Users\giuseppe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\giuseppe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc&ts=1411496226&from=slbnew&uid=ST1000LM024XHN-M101MBB_S2U5J9CCB60880
C:\Users\giuseppe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\giuseppe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\giuseppe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CyberLink PhotoDirector 3.lnk - C:\Program Files (x86)\CyberLink\PhotoDirector3\PhotoDirector3.exe
C:\Users\giuseppe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\giuseppe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Users\giuseppe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\giuseppe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HomeCinema.lnk - C:\Program Files (x86)\CyberLink\Media Suite\PS.exe
C:\Users\giuseppe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office.lnk - C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe
C:\Users\giuseppe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\QuickLaunch.lnk - C:\Program Files (x86)\Lenovo\LenovoQuickLaunch\LenovoQuickLaunch.exe /pin:warn /hide:no
C:\Users\giuseppe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== shortcuts After Repair ======================
C:\Users\Default\Desktop\ALDI Foto Service.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Default\Desktop\ALDI Startpagina.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Default\Desktop\ALDI Talk.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Default\Desktop\LIFESTORE.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Default\Desktop\MEDIONhome.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Default\Desktop\Windows 8 Info.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Default User\Desktop\ALDI Foto Service.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Default User\Desktop\ALDI Startpagina.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Default User\Desktop\ALDI Talk.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Default User\Desktop\LIFESTORE.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Default User\Desktop\MEDIONhome.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Default User\Desktop\Windows 8 Info.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\giuseppe\Desktop\ALDI Foto Service.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\giuseppe\Desktop\LIFESTORE.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\giuseppe\Desktop\MEDIONhome.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\giuseppe\Desktop\Windows 8 Info.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\giuseppe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\giuseppe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{23B82977-C816-92D2-66E7-BE67DD1E7786} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1 deleted successfully

==== HijackThis Entries ======================
R3 - URLSearchHook: (no name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Online Vault] "C:\Program Files (x86)\OnlineVault\OVTray.exe"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\giuseppe\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Google Update] "C:\Users\giuseppe\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe
O4 - HKUS\S-1-5-21-1687350831-1530992600-3121883764-1001\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'UpdatusUser')
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O8 - Extra context menu item: Verzenden naar Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-154558-44482-6/4 (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-154558-44482-6/4 (file missing) (HKCU)
O9 - Extra button: Verzenden naar Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Verzenden naar Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CyberLink PowerDVD 10 MS Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
O23 - Service: CyberLink PowerDVD 10 MS Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\giuseppe\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\giuseppe\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
C:\Users\giuseppe\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
No Java Cache Found

==== C:\zoek_backup content ======================
C:\zoek_backup (files=901 folders=270 310740364 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\giuseppe\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\giuseppe\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\PROGRA~2\AVG Secure Search" not found
"C:\PROGRA~2\AVG Secure Search" not found

==== EOF on zo 26/10/2014 at 22:12:17,29 ======================