Zoek.exe v5.0.0.0 Updated 01-March-2015 Tool run by HJ on ma 02-03-2015 at 19:06:04,49. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\HJ\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 2-3-2015 19:07:27 Zoek.exe System Restore Point Created Succesfully. ==== Torpig Check ====================== HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll ==== Empty Folders Check ====================== C:\PROGRA~2\AGEIA Technologies deleted successfully C:\PROGRA~2\COMMON~1\Intel deleted successfully C:\Program Files\HitmanPro deleted successfully C:\Users\HJ\AppData\Roaming\QuickScan deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1678404130-3992629174-1409312026-1002\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Ashampoo AppLauncher (Medion) v.1.0.0 AVG 2015 CCleaner CyberLink LabelPrint 2.5 CyberLink MediaEspresso 6.5 CyberLink PhotoDirector 3 CyberLink Power2Go 8 CyberLink PowerDirector CyberLink PowerDVD 10 CyberLink PowerDVD Copy 1.5 CyberLink PowerRecover D3DX10 Fotogalerie Fotogalerija Fotogalleri Fotogalleriet Fotograf Galerisi Fotótár Galeria de Fotografias Galería de fotos Galeria fotografii Galerie de photos Google Chrome Google Update Helper Intel(R) Rapid Storage Technology Medion Home Cinema 10 Microsoft Application Error Reporting Microsoft SQL Server 2005 Compact Edition [ENU] 
Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Movie Maker MSVCRT MSVCRT110 MSVCRT110_amd64 NVIDIA Control Panel 327.02 NVIDIA Graphics Driver 327.02 NVIDIA HD Audio Driver 1.3.26.4 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX System Software 9.13.0725 NVIDIA Update 1.14.17 NVIDIA Update Components OpenOffice 4.0.1 Photo Common Photo Gallery PhotoNow Podstawowe programy Windows Live Raccolta foto Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Συλλογή φωτογραφιών Valokuvavalikoima Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Temel Parçalar Windows Live UX Platform Windows Live UX Platform Language Pack Windows Liven peruspaketti ==== Running Processes ====================== C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Users\HJ\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\Windows\SysWOW64\ctfmon.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\AGEIA Technologies 
not found C:\ProgramData\McAfee Security Scan deleted C:\Program Files\McAfee Security Scan deleted C:\ProgramData\McAfee deleted C:\PROGRA~2\AVG Security Toolbar deleted C:\PROGRA~3\Avg_Update_0814tb deleted C:\PROGRA~3\Avg_Update_1214tb deleted C:\PROGRA~3\AVG Security Toolbar deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Users\HJ\Downloads\avg_free_stb_all_2014_4355_cnet.exe deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted "C:\PROGRA~2\Windows Multimedia Platform" deleted ==== System Specs ====================== Operating System: Microsoft Windows 8.1 6.3.9600 64 bits Manufacturer: MEDION - Model: MS-7848 Install Date: 16-4-2014 19:45:10 Last Boot: 2-3-2015 19:03:27 Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz Number of Processors: 4 Work Station Bootmode: Normal boot Total RAM: 4052 MB (free 2953 MB - 72) Computername: MEDION-PC Domain: WORKGROUP User: HJ (Administrator account) Local Disk: C:\ - NTFS - 117 GB (free 89 GB) Local Disk: D:\ - NTFS - 870 GB (free 870 GB) Local Disk: E:\ - NTFS - 60 GB (free 45 GB) Removable Disk: F:\ - - GB (free GB) CD \ DVD Drive: G:\ Removable Disk: H:\ - FAT32 - 14 GB (free 14 GB) Bootdevice: \Device\HarddiskVolume2 Windows update: Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: AVG AntiVirus Free Edition 2015 On-access scanning disabled (Outdated) Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG AntiVirus Free Edition 2015 disabled (Outdated) Default Browser: Google Chrome 40.0.2214.115 Internet Explorer Version: 11.0.9600.17498 Google Chrome version: 40.0.2214.115 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\HJ\AppData\Local\Temp ==== 2015-02-24 18:21:06 7726B3560CEC952EEF50B797803428D5 2084888 ----a-w- C:\Users\HJ\AppData\Local\Temp\UNINSTALL.EXE 
2015-02-24 18:20:14 7062890D11B6045CA423F0C5E3481C7F 942080 ----a-w- C:\Users\HJ\AppData\Local\Temp\msdtadmin\_7F81E3FD-C63A-4287-B64F-4AB5D72F4BA4_\cabpkg\windowsupdatediagnostic\DiagPackage.dll 2015-02-24 18:20:14 2ADA35183598CC6710ECA03F8BECB33F 5632 ----a-w- C:\Users\HJ\AppData\Local\Temp\msdtadmin\_7F81E3FD-C63A-4287-B64F-4AB5D72F4BA4_\cabpkg\BitsDiagnostic\DiagPackage.dll 2015-02-23 22:22:34 F492BD06804172F62F2AE56A07BE21DB 3247664 ----a-w- C:\Users\HJ\AppData\Local\Temp\HouseCall\vsapi64.dll 2015-02-23 22:22:34 BDE21EC1618633A32EE2ED984B3FEDD8 93008 ----a-w- C:\Users\HJ\AppData\Local\Temp\HouseCall\BPMNT.dll 2015-02-23 22:22:34 6F4DDB6409590FC53EB4287465964863 2866224 ----a-w- C:\Users\HJ\AppData\Local\Temp\HouseCall\tscdll64.dll 2015-02-23 22:22:21 F82469A1100DA72AB6071C45FA665E96 318464 ----a-w- C:\Users\HJ\AppData\Local\Temp\HouseCall\plugin\downloader.plugin.dll 2015-02-23 22:22:21 F51065667FB127CF6DE984DAEA2F6B24 285208 ----a-w- C:\Users\HJ\AppData\Local\Temp\HouseCall\Tmcomm.sys 2015-02-23 22:22:21 DCFC19032C60CCC660D4346295DA42B9 45320 ----a-w- C:\Users\HJ\AppData\Local\Temp\HouseCall\utilClientLoader.dll 2015-02-23 22:22:21 A6FF2533FCCCCC22E6FE7CCB4382D5EF 1908736 ----a-w- C:\Users\HJ\AppData\Local\Temp\HouseCall\libeay32.dll 2015-02-23 22:22:21 A5E4B3FF51CF5B7926D9651908FEB666 1558912 ----a-w- C:\Users\HJ\AppData\Local\Temp\HouseCall\dbghelp.dll 2015-02-23 22:22:21 A4A74365C700E005C49318C20C8D2EBF 1185296 ----a-w- C:\Users\HJ\AppData\Local\Temp\HouseCall\tmufeng.dll 2015-02-23 22:22:21 99559F8DE53EAC2C8DBC23595803A69D 46352 ----a-w- C:\Users\HJ\AppData\Local\Temp\HouseCall\TMEBC64.sys 2015-02-23 22:22:21 98D7D2F55A73A2F7640323572F68FD09 647728 ----a-w- C:\Users\HJ\AppData\Local\Temp\HouseCall\tmfbeng.dll 2015-02-23 22:22:21 86428A172571540ACFA1FEB4945DF2C1 239664 ----a-w- C:\Users\HJ\AppData\Local\Temp\HouseCall\perfiCrcPerfMonMgr.dll 2015-02-23 22:22:21 670DA175BF2CA93A60D243EA24CE8220 788480 ----a-w- 
C:\Users\HJ\AppData\Local\Temp\HouseCall\libcurl.dll 2015-02-23 22:22:21 65FB3391EB26F5AC647FC40501D8E21D 149264 ----a-w- C:\Users\HJ\AppData\Local\Temp\HouseCall\symsrv.dll 2015-02-23 22:22:21 381641E1625DD93D2855CFF095004C62 447488 ----a-w- C:\Users\HJ\AppData\Local\Temp\HouseCall\ssleay32.dll 2015-02-23 22:22:21 22B8266910C5CA0325CC7E27967A354A 4175408 ----a-w- C:\Users\HJ\AppData\Local\Temp\HouseCall\hc_core.dll 2015-02-23 22:22:21 227AAAE2B6E60ADD679F632C3BF51A61 148992 ----a-w- C:\Users\HJ\AppData\Local\Temp\HouseCall\libexpatw.dll 2015-02-23 22:22:21 2191B4A8011D73906BC2B8A6D4E8B351 2667536 ----a-w- C:\Users\HJ\AppData\Local\Temp\HouseCall\smv64.dll 2015-02-23 22:22:21 0DDC5509168F24D8248E103210890098 420400 ----a-w- C:\Users\HJ\AppData\Local\Temp\HouseCall\TmEngDrv.dll 2015-02-23 22:22:21 0C33A49F9125FAD652A72554394C03C3 2253872 ----a-w- C:\Users\HJ\AppData\Local\Temp\HouseCall\ICRCHdler.dll 2015-02-23 22:22:19 1268254DAA9E4F7CD481AAFB5C265FD4 4641496 ----a-w- C:\Users\HJ\AppData\Local\Temp\HCBackup\hcpackage64.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2015-02-23 22:22:21 F51065667FB127CF6DE984DAEA2F6B24 285208 ----a-w- C:\Windows\Sysnative\drivers\tmcomm.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-02-24 18:33:08 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== ======= C: ===== 2015-02-23 21:50:24 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Recovery.txt ====== C:\Users\HJ\AppData\Roaming ====== 2015-02-24 19:10:34 ED5B5D3CD36065183C908A709F7937A0 7602 ----a-w- C:\Users\HJ\AppData\Local\Resmon.ResmonCfg 2015-02-24 17:09:22 -------- d-----w- C:\Users\HJ\AppData\Local\Programs 2015-02-23 22:30:45 AA52D0E7F4157B3B569CDAA24ACAE680 369392 ----a-w- C:\Users\HJ\AppData\Local\census.cache 2015-02-23 22:30:44 FB83B4E7F836161BDCB93176BA34EC90 168485 
----a-w- C:\Users\HJ\AppData\Local\ars.cache 2015-02-23 22:22:19 6A486F77CBF0D5B89E1858FD8FA42216 36 ----a-w- C:\Users\HJ\AppData\Local\housecall.guid.cache 2015-02-17 18:58:14 -------- d-----w- C:\Users\HJ\AppData\Local\ElevatedDiagnostics ====== C:\Users\HJ ====== 2015-02-24 18:33:00 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\HJ\Downloads\RSITx64.exe 2015-02-24 17:30:26 -------- d-----w- C:\ProgramData\HitmanPro 2015-02-24 17:27:15 30EB4B0B974B83C488D78EE19F42916A 10995632 ----a-w- C:\Users\HJ\Downloads\HitmanPro_x64.exe 2015-02-24 17:09:06 3BD59D6C407AB1F6DDD7C5D9BD727469 20447072 ----a-w- C:\Users\HJ\Downloads\mbam-setup-2.0.4.1028.exe 2015-02-23 22:22:15 57E86EA1E1AEBF898496F38D10A57664 2494560 ----a-w- C:\Users\HJ\Downloads\HousecallLauncher64.exe 2015-02-23 22:16:48 45D44A7710432FB898BED8EE8CBA10B8 5325208 ----a-w- C:\Users\HJ\Downloads\ccsetup502.exe 2015-02-23 18:21:48 A5BCBBC688CEE4816FA34EED70EC18E1 2047 ----a-w- C:\ProgramData\1424715699.4732.bin 2015-02-23 18:21:48 1B98BC77258A78C6A0E49789ADAEEFA9 814 ----a-w- C:\ProgramData\1424715699.3392.bin 2015-02-23 18:21:39 90503C277E2A7AF29F3B202DD1FEB769 42649 ----a-w- C:\ProgramData\1424715699.4728.bin 2015-02-17 19:07:40 -------- d-----w- C:\ProgramData\EPSON 2015-02-13 08:10:06 95A8D4DD04ECEC15DE6A7E77038D434C 357376 ----atw- C:\ProgramData\01BCB6018.zot ====== C: exe-files == 2015-02-24 18:33:08 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\HJ.exe 2015-02-24 18:33:00 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\HJ\Downloads\RSITx64.exe 2015-02-24 18:21:06 7726B3560CEC952EEF50B797803428D5 2084888 ----a-w- C:\Users\HJ\AppData\Local\Temp\UNINSTALL.EXE 2015-02-24 17:27:15 30EB4B0B974B83C488D78EE19F42916A 10995632 ----a-w- C:\Users\HJ\Downloads\HitmanPro_x64.exe 2015-02-24 17:09:06 3BD59D6C407AB1F6DDD7C5D9BD727469 20447072 ----a-w- C:\Users\HJ\Downloads\mbam-setup-2.0.4.1028.exe 2015-02-24 05:11:12 C5FD49B0561203A17BBF947738CB124A 41186896 ----a-w- 
C:\Program Files (x86)\Google\Update\Install\{97A744DF-B27C-4C84-B6E4-EE1082AA88FD}\40.0.2214.115_chrome_installer.exe 2015-02-24 05:11:11 C5FD49B0561203A17BBF947738CB124A 41186896 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\40.0.2214.115\40.0.2214.115_chrome_installer.exe 2015-02-23 23:11:39 F4CC03D0A936AD6780ADA614AE81B413 840272 ----a-w- C:\Program Files (x86)\Google\Update\Install\{96FEB36C-A38D-472C-994B-FE587C6B00D1}\40.0.2214.115_40.0.2214.111_chrome_updater.exe 2015-02-23 23:11:39 F4CC03D0A936AD6780ADA614AE81B413 840272 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\40.0.2214.115\40.0.2214.115_40.0.2214.111_chrome_updater.exe 2015-02-23 22:22:19 1268254DAA9E4F7CD481AAFB5C265FD4 4641496 ----a-w- C:\Users\HJ\AppData\Local\Temp\HCBackup\hcpackage64.exe 2015-02-23 22:22:15 57E86EA1E1AEBF898496F38D10A57664 2494560 ----a-w- C:\Users\HJ\Downloads\HousecallLauncher64.exe 2015-02-23 22:16:48 45D44A7710432FB898BED8EE8CBA10B8 5325208 ----a-w- C:\Users\HJ\Downloads\ccsetup502.exe === C: other files == 2015-02-24 07:24:32 5CDA906CCC7028F2AA99F8F5D9F1AF71 38347823 ----a-w- C:\Users\HJ\AppData\Local\ElevatedDiagnostics\2560293460\2015022407.000\DataStoreAndWULogFiles.zip 2015-02-23 22:23:48 2B436A823F315AC146F7A64D7506A9A9 7785782 ----a-w- C:\Users\HJ\AppData\Local\Temp\HouseCall\tmase.zip 2015-02-23 22:22:21 F51065667FB127CF6DE984DAEA2F6B24 285208 ----a-w- C:\Windows\System32\drivers\tmcomm.sys 2015-02-23 22:22:21 F51065667FB127CF6DE984DAEA2F6B24 285208 ----a-w- C:\Users\HJ\AppData\Local\Temp\HouseCall\Tmcomm.sys 2015-02-23 22:22:21 99559F8DE53EAC2C8DBC23595803A69D 46352 ----a-w- C:\Users\HJ\AppData\Local\Temp\HouseCall\TMEBC64.sys 2015-02-23 22:22:21 573EBE6F9691FBD4E2FC285BDCC1C12D 2705 ----a-w- C:\Users\HJ\AppData\Local\Temp\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ini_xml.zip ==== Startup Registry Enabled ====================== 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CLMLServer_For_P2G8"="C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" "RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [16-04-2014 18:58] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [16-04-2014 18:58] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{3EE3BB67-B6FE-45C3-A5C0-7328685C1631}" [C:\Windows\system32\msfeedssync.exe] ==== Folders in C:\PROGRA~3 0-6 Months Old ====================== 2014-10-22 11:40:49 -------- d-----w- C:\PROGRA~3\AVG2015 2015-02-17 19:07:40 -------- d-----w- C:\PROGRA~3\EPSON 2015-02-24 17:09:32 -------- d-----w- C:\PROGRA~3\Malwarebytes 2015-02-24 17:30:26 -------- d-----w- C:\PROGRA~3\HitmanPro ==== Chromium Look ====================== Google Docs - HJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - HJ\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - HJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - HJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - HJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - HJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://mysearch.avg.com?cid={C25E2791-6FF3-4C7F-9D0E-70EF8D7B36D3}&mid=4adbb0a8fb9047d2a1c505743854aefe-b08ff4df6c2375f4543f2ef0a337519af08453b4&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-06-21 15:02:36&v=18.1.9.799&pid=safeguard&sg=&sap=hp" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{8A7267A0-7FA4-47A0-A4C0-3E451CA9BD7F}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {8A7267A0-7FA4-47A0-A4C0-3E451CA9BD7F} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB" ==== Reset Google Chrome ====================== C:\Users\HJ\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\HJ\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== shortcuts on Users Desktops ====================== C:\Users\Default\Desktop\ALDI Foto Service.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.aldifoto.nl C:\Users\Default\Desktop\ALDI Talk.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
http://www.medionmobile.nl C:\Users\Default\Desktop\Hartelijk welkom bij ALDI.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.aldi.nl C:\Users\Default\Desktop\Welkom bij MEDION.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.medion.com/nl C:\Users\Default User\Desktop\ALDI Foto Service.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.aldifoto.nl C:\Users\Default User\Desktop\ALDI Talk.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.medionmobile.nl C:\Users\Default User\Desktop\Hartelijk welkom bij ALDI.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.aldi.nl C:\Users\Default User\Desktop\Welkom bij MEDION.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.medion.com/nl C:\Users\HJ\Desktop\ALDI Foto Service.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.aldifoto.nl C:\Users\HJ\Desktop\ALDI Talk.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.medionmobile.nl C:\Users\HJ\Desktop\Hartelijk welkom bij ALDI.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.aldi.nl C:\Users\HJ\Desktop\Welkom bij MEDION.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.medion.com/nl ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\AVG 2015.lnk - C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\Marktplaats.nl.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe adfarm.mediaplex.com/ad/ck/5026-153897-5908-0?mpre=http%3A%2F%2Fwww.marktplaats.nl ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2015.lnk - C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program 
Files\CCleaner\CCleaner64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\HJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\HJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\HJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\HJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\HJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\HJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HomeCinema.lnk - C:\Program Files (x86)\CyberLink\Media Suite\PS.exe C:\Users\HJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\OpenOffice Writer.lnk - C:\Program Files (x86)\OpenOffice 4\program\swriter.exe C:\Users\HJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PhotoDirector 3.lnk - C:\Program Files (x86)\CyberLink\PhotoDirector3\PhotoDirector3.exe C:\Users\HJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows 
Desktop.lnk - C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - ==== shortcuts After Repair ====================== C:\Users\Default\Desktop\ALDI Foto Service.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Default\Desktop\ALDI Talk.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Default\Desktop\Hartelijk welkom bij ALDI.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Default\Desktop\Welkom bij MEDION.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Default User\Desktop\ALDI Foto Service.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Default User\Desktop\ALDI Talk.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Default User\Desktop\Hartelijk welkom bij ALDI.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Default User\Desktop\Welkom bij MEDION.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\HJ\Desktop\ALDI Foto Service.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\HJ\Desktop\ALDI Talk.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\HJ\Desktop\Hartelijk welkom bij ALDI.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\HJ\Desktop\Welkom bij MEDION.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY O9 - Extra button: Marktplaats.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - adfarm.mediaplex.com/ad/ck/5026-153897-5908-1?mpre=http%3A%2F%2Fwww.marktplaats.nl (file missing) (HKCU) O9 - Extra 'Tools' menuitem: 
Marktplaats.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - adfarm.mediaplex.com/ad/ck/5026-153897-5908-1?mpre=http%3A%2F%2Fwww.marktplaats.nl (file missing) (HKCU) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe O23 - Service: CyberLink PowerDVD 10 MS Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe O23 - Service: CyberLink PowerDVD 10 MS Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner 
- C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\HJ\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\HJ\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\HJ\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully 
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\HJ\AppData\Local\Microsoft\Windows\INetCache\IE\B2MAWYD1 will be deleted at reboot C:\Users\HJ\AppData\Local\Microsoft\Windows\INetCache\IE\MXBE0PBH will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\HJ\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=16 folders=28 14574606 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\HJ\AppData\Local\Temp will be emptied at reboot C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\HJ\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\HJ\AppData\Local\Microsoft\Windows\INetCache\IE\B2MAWYD1" not found "C:\Users\HJ\AppData\Local\Microsoft\Windows\INetCache\IE\MXBE0PBH" not found ==== EOF on ma 02-03-2015 at 19:23:31,88 ======================