Zoek.exe v5.0.0.0 Updated 09-January-2015
Tool run by hfm on di 13-01-2015 at 11:59:41,95.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\hfm\Downloads\zoek.exe
[Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================
13-1-2015 12:01:44 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================
C:\Users\hfm\AppData\Roaming\Opera Software deleted successfully
C:\Users\hfm\AppData\Local\Opera Software deleted successfully

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2871391618-1465616402-3070090435-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================
clear.fi SDK- Movie 2
clear.fi SDK - Video 2
abDocs
abDocs Office AddIn
abMedia
abPhoto
Acer Backup Manager
Acer Device Fast-lane
Acer Instant Update Service
Acer Power Management
Acer Recovery Management
Adobe Flash Player 15 Plugin
Adobe Reader XI (11.0.10) - Nederlands
Adobe Refresh Manager
Agatha Christie - Death on the Nile
Aloha TriPeaks
ALPS Touch Pad Driver
ANT Drivers Installer x64
AOP Framework
AVG 2015
AVG PC TuneUp 2015
AVG PC TuneUp 2015 (nl-NL)
Backup Manager v4
Bejeweled 3
CCleaner
Common Desktop Agent
CyberLink MediaEspresso 6.5
Delicious: Emily's True Love Premium Edition
Dolby Home Theater v4
eBay Worldwide
Elevated Installer
Garmin Express
Garmin Express Tray
Google Chrome
Google Update Helper
Governor of Poker 2 Premium Edition
Identity Card
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Intel(R) SDK for OpenCL - CPU Only Runtime Package
Intel© Trusted Connect Service Client
IObit Uninstaller
Island Tribe
Jewel Match 3
John Deere Drive Green
Launch Manager
Magic Academy
Malwarebytes Anti-Malware versie 2.0.4.1028
Microsoft Office
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Microsoft Visual Studio 2005 Tools for Office Runtime
More Games from WildTangent Games
MyWinLocker
MyWinLocker 4
MyWinLocker Suite
NTI Media Maker 9
Office Addin
OpenOffice 4.1.1
Penguins
Plants vs. Zombies - Game of the Year
Polar Bowler
Qualcomm Atheros Bluetooth Suite (64)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
Qualcomm Atheros WLAN and Bluetooth Client Installation Program
Rapport
Realtek High Definition Audio Driver
Realtek PCIE Card Reader
Samsung Easy Deployment Manager
Samsung Easy Document Creator
Samsung Easy Printer Manager
Samsung Printer Diagnostics
Samsung Scan Process Machine
Samsung SCX-3400 Series
Samsung Universal Scan Driver
Shredder
Skype™ 7.0
SNS Upload for Easy Document Creator
Start Menu 8
Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)
Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1)
Tales of Lagoona
Trusteer Eindpuntbeveiliging
Update Installer for WildTangent Games App
Visual Studio 2005 Tools for Office Second Edition Runtime
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)
Watchtower Library 2013 - Nederlands

==== Running Processes ======================
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Users\hfm\Downloads\zoek.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe

==== Deleting Services ======================

==== Deleting Files \ Folders ======================
C:\Users\hfm\AppData\Roaming\RHEng deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\ProductData deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted

==== System Specs ======================
Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 3913 MB
CPU Info: Intel(R) Core(TM) i3-2348M CPU @ 2.30GHz
CPU Speed: 2347,6 MHz
Sound Card: Speakers (Realtek High Definiti |
Display Adapters: Intel(R) HD Graphics 3000 | Intel(R) HD Graphics 3000
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1600 X 900 - 32 bit
Network: Network Present
Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Bluetooth-apparaat (Personal Area Network) | Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet-controller (NDIS 6.30) | Qualcomm Atheros AR5BWB222 Wireless-netwerkadapter
CD / DVD Drives: 1x (D: | ) D: MATSHITADVD-RAM UJ8E1
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C: 443,5GB
Hard Disks - Free: C: 392,5GB
Manufacturer *: Insyde Corp.
BIOS Info: AT/AT COMPATIBLE | | ACRSYS - 1
Time Zone: West-Europa (standaardtijd)
Motherboard *: Acer VA70_HC
Country: Nederland
Language: NLD

==== System Specs (Software) ======================
Anti-Virus: McAfee Antivirus en antispyware On-access scanning disabled (Outdated)
Anti-Virus: AVG AntiVirus Free Edition 2015 On-access scanning disabled (Outdated)
Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Spyware: McAfee Antivirus en antispyware disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: AVG AntiVirus Free Edition 2015 disabled (Outdated)
Firewall: McAfee Firewall disabled
Default Browser: Google Chrome 39.0.2171.95
Internet Explorer Version: 11.0.9600.17498
Google Chrome version: 39.0.2171.95
Adobe Reader version: 11.0.10.32
Flash Player version: 15.0.0.246

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
====== C:\Users\hfm\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
====== C:\WINDOWS\Sysnative\drivers =====
====== C:\WINDOWS\Tasks ======
2015-01-10 08:01:26 76F5208BB3D2FC6115115705FD58E002 3156 ----a-w- C:\WINDOWS\Sysnative\Tasks\StartMenuAutoupdate
2014-12-29 12:02:55 B63AD96D5AB77552EFDB7D2277C3B0CB 3886 ----a-w- C:\WINDOWS\Sysnative\Tasks\Adobe Acrobat Update Task
2014-12-17 11:48:47 A5DA1D9D7882E54B4539C44B069576E9 288 ----a-w- C:\WINDOWS\Tasks\Uninstaller_SkipUac_hfm.job
2014-12-17 11:48:47 1A53F635A69654F9F4C21B75A14E4316 2384 ----a-w- C:\WINDOWS\Sysnative\Tasks\Uninstaller_SkipUac_hfm
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2015-01-13 07:31:28 -------- d-----w- C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2015-01-10 08:02:26 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype
2015-01-10 08:02:26 -------- d-----r- C:\PROGRA~2\Skype
2014-12-17 14:08:14 -------- d-----w- C:\PROGRA~2\Opera
======= C: =====
====== C:\Users\hfm\AppData\Roaming ======
2015-01-10 08:02:48 -------- d-----w- C:\Users\hfm\AppData\Local\Skype
2015-01-10 08:02:38 -------- d-----w- C:\Users\hfm\AppData\Roaming\Skype
2014-12-17 11:48:50 -------- d-----w- C:\Users\hfm\AppData\Roaming\ProductData
2014-12-17 11:48:43 -------- d-----w- C:\Users\hfm\AppData\Roaming\IObit
2014-12-16 11:08:44 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\clear.fi
2014-12-16 11:08:28 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Acer
2014-12-16 11:07:21 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\acer
2014-12-15 08:12:00 -------- d-----w- C:\Users\hfm\AppData\Local\CrashDumps
====== C:\Users\hfm ======
2015-01-13 07:31:16 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\hfm\Downloads\RSITx64.exe
2015-01-11 20:17:59 -------- d-----w- C:\Users\hfm\PicStream
2015-01-10 08:02:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-01-10 08:02:20 -------- d-----w- C:\ProgramData\Skype
2015-01-10 08:01:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
2014-12-31 12:21:03 E45823AE0D754FC0206F14C1FC43EB74 5317104 ----a-w- C:\Users\hfm\Downloads\ccsetup501.exe
2014-12-17 11:48:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
====== C: exe-files ==
2015-01-13 10:51:56 5C8D8F0B17EDBD8E2945BE17C5132643 16912 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgrdtesta.exe
2015-01-13 10:51:55 EA2ED5D61F1BBBABAF78EC93CD873352 6134048 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
2015-01-13 10:51:55 5E079E70C9C64583C5B4A329D86CA44E 15888 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgrdtestx.exe
2015-01-13 10:51:55 0C64EECF88C5818A0F6DE724876B3812 62992 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avguirux.exe
2015-01-13 07:31:29 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\hfm.exe
2015-01-13 07:31:16 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\hfm\Downloads\RSITx64.exe
2015-01-10 08:01:40 F70FD2250BA1827225DA0D752FDAE0BA 40462952 ----a-w- C:\Users\hfm\AppData\Local\Microsoft\Windows\INetCache\IE\71KLQQ10\SkypeSetupFull[1].exe
2015-01-10 08:01:28 A8C1F41D4EFC0279C5780EACB615F280 2267968 ----a-w- C:\Program Files (x86)\IObit\Start Menu 8\Freeware\Start_Menu8_FreeSoftwareDownloader.exe
2015-01-10 08:01:26 1A8DF9C04E70699E0F9228B9CD780864 3761840 ----a-w- C:\Program Files (x86)\IObit\Start Menu 8\ADSRemovalSetup.exe
2015-01-10 08:01:25 F2EC9162240C3C275ED9489C466D3039 2712352 ----a-w- C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
2015-01-10 08:01:25 E811D6044B8D310DD3BB839823F0D455 2052384 ----a-w- C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Index.exe
2015-01-10 08:01:25 BA23B49D2531575F2EB983234576C5C7 72992 ----a-w- C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
2015-01-10 08:01:25 A8C1F41D4EFC0279C5780EACB615F280 2267968 ----a-w- C:\Program Files (x86)\IObit\Start Menu 8\IObitDownloader.exe
2015-01-10 08:01:25 A7550F76A5588468D67F23C4BECCC475 86816 ----a-w- C:\Program Files (x86)\IObit\Start Menu 8\Check.exe
2015-01-10 08:01:25 8B487D97AB896B1E7A8CC8CF1C4034E2 392480 ----a-w- C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe
2015-01-10 08:01:25 8A9A9E9B7B76B65FF23CA56910C65CAF 1722656 ----a-w- C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
2015-01-10 08:01:25 873B2367372A8D403B4FBBAE612EC4F2 29984 ----a-w- C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
2015-01-10 08:01:25 7963FD21430178378C9C839EEDF0BE07 70944 ----a-w- C:\Program Files (x86)\IObit\Start Menu 8\ToggleDesktop.exe
2015-01-10 08:01:25 65199033699714FF00DE7E44D57B7BE0 58240 ----a-w- C:\Program Files (x86)\IObit\Start Menu 8\Sendbugreport.exe
2015-01-10 08:01:24 E5F25510DA89D83B0DFF32257D05C823 584480 ----a-w- C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8_frmStartMenuLibrary.exe
2015-01-10 08:01:24 DC261156F222672510BE6E0B88BFE19E 1699616 ----a-w- C:\Program Files (x86)\IObit\Start Menu 8\UninstallPromote.exe
2015-01-10 08:01:24 87E10428B22B16711919B2E071DD481D 20768 ----a-w- C:\Program Files (x86)\IObit\Start Menu 8\KillAllStartMenu.exe
2015-01-10 08:01:24 6617AD1E87714966B56F5EF3B8E80A84 407872 ----a-w- C:\Program Files (x86)\IObit\Start Menu 8\NewUpdater.exe
2015-01-10 08:01:24 3D49A024CF61396F692DCCA96E9DF46D 993568 ----a-w- C:\Program Files (x86)\IObit\Start Menu 8\StartMenuSetting.exe
2015-01-10 08:01:24 078EA6956C3FF74AD826C1A342B3E041 398112 ----a-w- C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8_About.exe
2015-01-09 12:28:05 AE0D93E6068A47B18C5962A8E4157D54 48896 ----a-w- C:\Windows\Temp\AOP\acer\actool_win.exe
2015-01-09 12:28:05 9B470F58C888E1D21EF1AAB5A496C496 9191168 ----a-w- C:\Windows\Temp\AOP\acer\ccd.exe
2015-01-09 12:28:05 5689D43C3B201DD3810FA3BBA4A6476A 4216840 ----a-w- C:\Windows\Temp\AOP\vcredist_x86_2008.exe
2015-01-09 12:28:05 1F8F20C36E7619152FF46F7703077922 2713856 ----a-w- C:\Windows\Temp\AOP\CCDMonitorService.exe
2015-01-09 12:28:05 03F8426180AEE678C6C4DA9139B1079B 7168 ----a-w- C:\Windows\Temp\AOP\ClientOperationTest.exe
2015-01-09 12:26:50 506F562BF6D2819812DA511F01A9C7A0 34649144 ----a-w- C:\Users\hfm\AppData\Local\clear.fi\Docs\abDocsSetup.exe
2015-01-06 12:24:53 DB7DB8F5EBCDB083A46D20980F736852 2542848 ----a-w- C:\Users\hfm\AppData\Local\clear.fi\Photo\abPhoto\abPhotoSetup.exe
2015-01-06 12:24:48 CCB5EBFC24952DE928169C156D0930F6 45014704 ----a-w- C:\Users\hfm\AppData\Local\clear.fi\Photo\abPhoto\abPhoto.exe
2015-01-06 12:24:40 92CD9C04340E51C9EF83A3BF51C3C28C 46508792 ----a-w- C:\Users\hfm\AppData\Local\clear.fi\Photo\abPhotoSetup.exe
=== C: other files ==
2015-01-12 20:30:09 A39F605BD1DB4F44BA1C6238AA9B7383 472792 ----a-w- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_80120.sys
2015-01-12 20:30:09 898A05859D60BFCDF332139E2323EDBE 845464 ----a-w- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80120.sys
2015-01-09 12:27:12 EF400B813B11759563EFA85D79FC8144 927 ----a-w- C:\Windows\Temp\abDocs\unpindocs.vbs
2015-01-09 12:27:12 577F70784EF0416024FFEF1878BD9F60 546 ----a-w- C:\Windows\Temp\abDocs\pindocs.vbs
2015-01-09 12:26:48 E977919EF3342F1FBCE8814A07DB7DD3 34586574 ----a-w- C:\Users\hfm\AppData\Local\clear.fi\Docs.zip
2015-01-07 17:03:04 128D317DDBD4E353C2FC9117F6AC5DAC 2086926 ----a-w- C:\Users\hfm\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\LocalState\DiskCache\Worlds.zip
2015-01-06 12:24:36 A346A5E1B1CF7F0DD0BA3FA7CAA5AA3C 46128558 ----a-w- C:\Users\hfm\AppData\Local\clear.fi\Photo.zip

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-2871391618-1465616402-3070090435-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dolby Home Theater v4"="C:\Dolby PCEE4\pcee4.exe -autostart"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"
"BacKGround Agent"="C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe"
"abDocsDllLoader"="C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"
"Persistence"="C:\WINDOWS\system32\igfxpers.exe"
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 "
"BtPreLoad"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtPreLoad.exe"
"CDAServer"="C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"

==== Startup Folders ======================
2012-12-20 04:31:29 2171 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk

==== Task Scheduler Jobs ======================
C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09-12-2014 22:06]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04-10-2014 18:01]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04-10-2014 18:01]
C:\WINDOWS\tasks\Uninstaller_SkipUac_hfm.job --a-------- C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [17-12-2014 12:48]

==== Other Scheduled Tasks ======================
"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Reader and Acrobat Manager" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\ALU" [C:\Program Files (x86)\Acer\Live Updater\updater.exe]
"C:\WINDOWS\SysNative\tasks\ALUAgent" [C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\DeviceDetector" [C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe]
"C:\WINDOWS\SysNative\tasks\EgisUpdate" ["C:\Program Files\EgisTec IPS\EgisUpdate.exe"]
"C:\WINDOWS\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\iuBrowserIEAgent" ["C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe"]
"C:\WINDOWS\SysNative\tasks\iuEmailOutlookAgent" ["C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe"]
"C:\WINDOWS\SysNative\tasks\PMMUpdate" ["C:\Program Files\EgisTec IPS\PMMUpdate.exe"]
"C:\WINDOWS\SysNative\tasks\Power Management" ["C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"]
"C:\WINDOWS\SysNative\tasks\StartMenuAutoupdate" [C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe]
"C:\WINDOWS\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe]
"C:\WINDOWS\SysNative\tasks\Uninstaller_SkipUac_hfm" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{921FB239-8D9D-46A9-B3F3-6A3143384C50}" [C:\WINDOWS\system32\msfeedssync.exe]

==== Firefox Extensions ======================

==== Firefox Plugins ======================

==== Chromium Look ======================
Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95)
Google Slides - hfm\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - hfm\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - hfm\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - hfm\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - hfm\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - hfm\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Wallet - hfm\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - hfm\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================
C:\Users\hfm\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_vacatures.trovit.nl_0.localstorage deleted successfully
C:\Users\hfm\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_vacatures.trovit.nl_0.localstorage-journal deleted successfully

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{8C8BDECA-373C-43B4-B852-B148C64FFFF7}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFF_nlNL608"
{8C8BDECA-373C-43B4-B852-B148C64FFFF7} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== HijackThis Entries ======================
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [BacKGround Agent] C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
O4 - HKLM\..\Run: [abDocsDllLoader] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Global Startup: Acer Backup Manager Tray.lnk = C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: StartMenu8 Service (StartMenuService) - IObit - C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\hfm\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\hfm\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\hfm\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\hfm\AppData\Local\Microsoft\Windows\INetCache\IE\2TQN7DEG will be deleted at reboot
C:\Users\hfm\AppData\Local\Microsoft\Windows\INetCache\IE\5UOZT4I3 will be deleted at reboot
C:\Users\hfm\AppData\Local\Microsoft\Windows\INetCache\IE\71KLQQ10 will be deleted at reboot
C:\Users\hfm\AppData\Local\Microsoft\Windows\INetCache\IE\FK0PJ486 will be deleted at reboot

==== Empty FireFox Cache ======================
No FireFox Cache found

==== Empty Chrome Cache ======================
C:\Users\hfm\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
No Java Cache Found

==== C:\zoek_backup content ======================
C:\zoek_backup (files=10 folders=7 756572 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\hfm\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\hfm\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\Users\hfm\AppData\Local\Microsoft\Windows\INetCache\IE\2TQN7DEG" not found
"C:\Users\hfm\AppData\Local\Microsoft\Windows\INetCache\IE\5UOZT4I3" not found
"C:\Users\hfm\AppData\Local\Microsoft\Windows\INetCache\IE\71KLQQ10" not found
"C:\Users\hfm\AppData\Local\Microsoft\Windows\INetCache\IE\FK0PJ486" not found

==== EOF on di 13-01-2015 at 13:01:21,21 ======================