Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by Dirk on ma 11/05/2015 at 11:03:56,53. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Dirk\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 11/05/2015 11:09:21 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Program Files\log deleted successfully C:\Users\Dirk 2\AppData\Roaming\Malwarebytes deleted successfully C:\Users\Dirk 2\AppData\Roaming\Windows Live Writer deleted successfully C:\Users\Dirk 2\AppData\Local\{91BE96DA-7478-44C6-858E-31132BFC86F4} deleted successfully C:\Users\Dirk 2\AppData\Local\{C60C7858-E25C-4A88-97D8-89F997176C3F} deleted successfully C:\Users\Dirk 2\AppData\Local\{C97F9615-1EA6-4370-B6D2-9049952223B6} deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1002\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4538EC8-DDA4-4CC9-9424-E2E59B796DEC} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_CLASSES_ROOT\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_CLASSES_ROOT\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92} deleted successfully ==== Installed Programs ====================== 4500_G510nz_Help 4500G510nz 4500G510nz_Software_Min 64 Bit HP CIO Components Installer ActiveX-kontroll f”r fj„rranslutningar f”r Windows Live Mesh Adobe AIR Adobe Flash Player 17 ActiveX Adobe Flash Player 17 NPAPI Adobe Reader X (10.1.13) MUI Adobe Refresh Manager Adobe Shockwave Player 11.6 Apple Application Support Apple Mobile Device Support Apple Software Update ArcSoft Panorama Maker 5 Ashampoo Burning Studio Ashampoo Photo Commander Ashampoo Photo Optimizer Ashampoo Snap Asmedia ASM104x USB 3.0 Host Controller Driver AVEO USB2.0 PC Camera(S5HVTV1P20821) AVG 2012 AVG Security Toolbar Belgium e-ID middleware 4.0.7 (build 7453) Bonjour Brother MFL-Pro Suite MFC-7360N BufferChm CCleaner Control ActiveX de Windows Live Mesh para conexiones remotas Contr“le ActiveX Windows Live Mesh pour connexions … distance Controlo ActiveX do Windows Live Mesh para Liga‡äes Remotas Corel Graphics - Windows Shell Extension Corel Graphics - Windows Shell Extension 64 Bit CorelDRAW Essentials X5 - Common CorelDRAW Essentials X5 - Connect CorelDRAW Essentials X5 - Custom Data CorelDRAW Essentials X5 - DE CorelDRAW Essentials X5 - Draw CorelDRAW Essentials X5 - EN CorelDRAW Essentials X5 - ES CorelDRAW Essentials X5 - Extra Content CorelDRAW Essentials X5 - Filters CorelDRAW Essentials X5 - FR CorelDRAW Essentials X5 - IPM CorelDRAW Essentials X5 - IT CorelDRAW Essentials X5 - PHOTO-PAINT CorelDRAW Essentials X5 - Redist CorelDRAW Essentials X5 - Setup Files CorelDRAW Essentials X5 - WT CorelDRAW Essentials X5 CyberLink LabelPrint CyberLink MediaEspresso CyberLink Power2Go CyberLink PowerDVD Copy CyberLink PowerRecover CyberLink YouPaint D3DX10 Definition Update for Microsoft Office 2010 (KB2965299) 32-Bit Edition Destinations DeviceDiscovery DocMgr DocProc Dropbox Facebook Video Calling 3.1.0.521 Fax Firebird 2.1.1.17910 (Win32) Firebird SQL Server - MAGIX Edition Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych Fotogalerija Windows Live Galeria de Fotografias do Windows Live Galer¡a fotogr fica de Windows Live Galeria fotografii uslugi Windows Live Galerie de photos Windows Live Ginger Google Chrome Google Earth Google SketchUp 8 Google Toolbar for Internet Explorer Google Update Helper GPBaseService2 HiJackThis HP Customer Participation Program 13.0 HP Document Manager 2.0 HP Imaging Device Functions 13.0 HP Officejet 4500 G510n-z HP Smart Web Printing 4.5 HP Solution Center 13.0 HP Update HPDiagnosticAlert HPProductAssistant HPSSupply IBM Lotus Symphony Intel(R) Management Engine Components Intel(R) Rapid Storage Technology IrfanView (remove only) iTunes Java 7 Update 67 Java Auto Updater Junk Mail filter update Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave Lotus Organizer 97 MAGIX Foto Manager 2007 4.1.1.89 (NL) MAGIX Music Manager 2007 8.1.1.98 (NL) MAGIX Video deluxe 2008 PLUS 7.0.2.3 (NL) MAGIX Xtreme Photo Designer 6 6.0.20.0 (NL) Malwarebytes Anti-Malware versie 2.0.2.1012 MarketResearch McAfee Security Scan Plus McAfee WebAdvisor Medion Home Cinema Mesh Runtime Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Application Error Reporting Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Home and Student 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 64-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Microsoft XML Parser MioMore Desktop Mozilla Firefox 36.0.4 (x86 nl) Mozilla Maintenance Service MSI to redistribute MS VS2005 CRT libraries MSVC90_x64 MSVC90_x86 MSVCRT MSVCRT_amd64 MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2721691) MSXML 4.0 SP3 Parser (KB2758694) MSXML 4.0 SP3 Parser (KB973685) MyFreeCodec Network64 Nikon File Uploader 2 Nikon Message Center 2 Nitro Reader 3 Nokia Connectivity Cable Driver Nokia PC Suite Nuance PaperPort 12 Nuance PDF Viewer Plus NVIDIA-configuratiescherm 331.65 NVIDIA 3D Vision controllerstuurprogramma 306.23 NVIDIA 3D Vision stuurprogramma 331.65 NVIDIA Grafisch stuurprogramma 331.65 NVIDIA HD Audio-stuurprogramma 1.3.18.0 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX systeemsoftware 9.12.0604 NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.15.2 NVIDIA Update Components OCR Software by I.R.I.S. 13.0 Paint Shop Pro 7 Anniversary Edition PaperPort Image Printer 64-bit PC Connectivity Solution PCDJ Red 5.0 Picture Control Utility Pimero 2011 R3 Free Edition PLATINUM PV-Monitor v2.2.1 PlayReady PC Runtime amd64 Poczta uslugi Windows Live Podstawowe programy Windows Live Posta Windows Live QuickTime 7 Raccolta foto di Windows Live Realtek High Definition Audio Driver S?????? f?t???af??? t?? Windows Live Samsung Kies SAMSUNG USB Driver for Mobile Phones Scan Scansoft PDF Professional Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Security Update for Microsoft .NET Framework 4.5.1 (KB3037581) Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2889839) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2920748) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2920812) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2553428) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Shop for HP Supplies Skype Click to Call SkypeT 7.0 SmartWebPrinting SolutionCenter Speccy Spelling Dictionaries Support For Adobe Reader X St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?æa???sæ??e? s??d?se?? Status Stuurprogrammapakket voor Windows - Fedict SmartCard (03/25/2014 4.0.7.4) Sunny Design 2.20 Switch Sound File Converter swMSM SyncBackFree Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD TeamViewer 9 TomTom HOME TomTom HOME Visual Studio Merge Modules Toolbox TrayApp Update for Microsoft Access 2010 (KB2837601) 32-Bit Edition Update for Microsoft Excel 2010 (KB2956084) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2881026) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition Update for Microsoft Office 2010 (KB2920813) 32-Bit Edition Update for Microsoft Office 2010 (KB2956141) 32-Bit Edition Update for Microsoft Office 2010 (KB2956191) 32-Bit Edition Update for Microsoft Office 2010 (KB2965235) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2956205) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2965295) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2956190) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update for Microsoft Visio 2010 (KB2881025) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2881021) 32-Bit Edition Uzak BaglantÕlar I‡in Windows Live Mesh ActiveX Denetimi VASCO Card Reader Plug-In (64-Bit) VASCO Smart Card Reader Plug-In (User) ViewNX 2 Visual Studio 2008 x64 Redistributables WavePad Sound Editor WebReg Windows-stuurprogrammapakket - Nokia Modem (02/25/2011 4.7) Windows-stuurprogrammapakket - Nokia Modem (02/25/2011 7.01.0.9) Windows-stuurprogrammapakket - Nokia pccsmcfd (08/22/2008 7.0.0.0) Windows Live Communications Platform Windows Live Essentials Windows Live Fotogalerie Windows Live Fotogalleri Windows Live Fotograf Galerisi Windows Live Fot¢t r Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger Windows Live Mesh ActiveX-objekt til fjernforbindelser Windows Live Mesh ActiveX-vez‚rlo t voli kapcsolatokhoz Windows Live Mesh ActiveX Control for Remote Connections Windows Live Mesh ActiveX control for remote connections Windows Live Meshin et„yhteyksien ActiveX-komponentti Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Temel Par‡alar Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Liven asennusty”kalu Windows Liven s„hk”posti Windows Liven valokuvavalikoima WinZip 17.5 ==== Running Processes ====================== C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe C:\Program Files (x86)\Ginger\GingerUpdateService\GingerUpdateService.exe C:\Windows\SysWOW64\svchost.exe C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\loggingserver.exe C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe C:\Program Files (x86)\Samsung\Kies\Kies.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files (x86)\IBM\Lotus\Symphony\framework\rcp\eclipse\plugins\com.ibm.rcp.base_6.2.3.20110915-1350\win32\x86\symphony.exe C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files (x86)\IBM\Lotus\Symphony\framework\shared\eclipse\plugins\com.ibm.symphony.brand.win32_3.0.1.20120110-2000\program\soffice.bin C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE C:\Program Files (x86)\AVG\AVG2012\avgcfgex.exe C:\Users\Dirk\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\0208071428999675mcinstcleanup deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\0208071428999675mcinstcleanup deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\McAfee SiteAdvisor Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\McAfee SiteAdvisor Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\McComponentHostService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\McComponentHostService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.3.0 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater18.3.0 deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\nnehaohk.default user.js not found ---- Lines {4ED1F68A-5463-4931-9384-8FFF5ED91D92} removed from prefs.js ---- user_pref("extensions.xpiState", "{\"app-profile\":{\"{e001c731-5e37-4538-a5cb-8168736a2360}\":{\"d\":\"C:\\\\Users\\\\Dirk\\\\AppData\\\\Roaming\\\\M ---- FireFox user.js and prefs.js backups ---- prefs_20151105_1126_.backup ProfilePath: C:\Users\Dirk\AppData\Roaming\TomTom\HOME\Profiles\8iyol1o0.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20151105_1126_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "vProt"=- ""=- ==== Deleting Files \ Folders ====================== C:\ProgramData\AVG Secure Search deleted C:\PROGRA~2\AVG Security Toolbar deleted C:\Users\Dirk\AppData\Local\AVG Secure Search deleted C:\Users\Dirk 2\AppData\Local\AVG Secure Search deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted C:\Users\Dirk\Downloads\MapsGalaxy.exe deleted C:\Users\Dirk\AppData\LocalLow\AVG Secure Search deleted C:\Users\Dirk 2\AppData\LocalLow\AVG Secure Search deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Users\Dirk\Documents\Add-in Express deleted "C:\Program Files (x86)\AVG Secure Search\vprot.exe" deleted "C:\PROGRA~2\AVG Secure Search\vprot.exe" deleted "C:\PROGRA~2\AVG Secure Search\vprot.exe" deleted "c:\PROGRA~2\McAfee\SiteAdvisor\sahook.dll" deleted "c:\PROGRA~2\McAfee\SiteAdvisor\x64\saHook.dll" deleted "c:\PROGRA~2\McAfee\SiteAdvisor\x64\saPlugin.dll" not deleted "C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe" deleted "C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\18.3.0\avgdttbx.dll" deleted "C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.3.0\SiteSafety.dll" deleted "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\log4cplusU.dll" deleted "C:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll" deleted "C:\Program Files (x86)\McAfee\SiteAdvisor\x64\saHook.dll" deleted "C:\Program Files (x86)\McAfee\SiteAdvisor\x64\saPlugin.dll" not deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\18.3.0\avgdttbx.dll" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller\18.3.0\SiteSafety.dll" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\18.3.0\log4cplusU.dll" deleted "C:\Program Files (x86)\AVG Secure Search" deleted "c:\PROGRA~2\McAfee" not deleted "C:\Program Files\McAfee Security Scan" not deleted "C:\Program Files (x86)\Common Files\AVG Secure Search" deleted "C:\Program Files (x86)\McAfee" not deleted "C:\PROGRA~2\AVG Secure Search" deleted "C:\PROGRA~2\AVG Secure Search" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search" deleted "c:\PROGRA~2\McAfee\SiteAdvisor" not deleted "c:\PROGRA~2\McAfee\SiteAdvisor\x64" not deleted "C:\Program Files\McAfee Security Scan\3.8.150" not deleted "C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller" deleted "C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller" deleted "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater" deleted "C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\18.3.0" deleted "C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.3.0" deleted "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0" deleted "C:\Program Files (x86)\McAfee\SiteAdvisor" not deleted "C:\Program Files (x86)\McAfee\SiteAdvisor\x64" not deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\18.3.0" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller\18.3.0" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\18.3.0" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 4078 MB CPU Info: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz CPU Speed: 2989,2 MHz Sound Card: Realtek HD Audio 2nd output (Re | Display Adapters: NVIDIA GeForce GTX 550 Ti | NVIDIA GeForce GTX 550 Ti | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1280 X 1024 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Realtek PCIe GBE Family Controller | Realtek RTL8191SU Wireless LAN 802.11n USB 2.0 Network Adapter CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW SH-216AB Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 1811,9GB | D: 50,0GB | F: 189,9GB Hard Disks - Free: C: 1572,3GB | D: 22,3GB | F: 110,7GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 08/15/11 | MEDION - 7292010 Time Zone: Romance (standaardtijd) Motherboard *: MEDIONPC MS-7728 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: AVG Anti-Virus Free Edition 2012 On-access scanning disabled (Outdated) Anti-Spyware: AVG Anti-Virus Free Edition 2012 disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Internet Explorer Version: 11.0.9600.17728 Mozilla Firefox version: 36.0.4 (x86 nl) Google Chrome version: 42.0.2311.135 Adobe Reader version: 10.1.13.16 Sun Java version: 1.7.0_67 (32-bit) Flash Player version: 17.0.0.169 Shockwave Player version: 11.6.1r629 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Dirk\AppData\Local\Temp ==== 2015-05-11 08:11:33 C9889FA47FA63E6257B7A966C40BE286 43008 ----a-w- C:\Users\Dirk\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpydnqst.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2015-04-15 16:53:18 1FA627E63195BF3BF636BFEF0D7190D4 155576 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2015-04-15 16:53:18 063C09DB965E3DFD6F4F08416F6DB8F5 95672 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2015-04-15 16:52:54 F61634BEC53F73702A10DE69F6DCAF57 754688 ----a-w- C:\Windows\Sysnative\drivers\http.sys ====== C:\Windows\Tasks ====== 2015-04-11 13:13:18 -------- d-----w- C:\Windows\Sysnative\Tasks\2BrightSparks ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2015-04-15 18:19:21 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype 2015-04-11 13:12:36 -------- d-----w- C:\PROGRA~2\2BrightSparks ======= C: ===== ====== C:\Users\Dirk\AppData\Roaming ====== 2015-04-11 13:13:18 -------- d-----w- C:\Users\Dirk\AppData\Roaming\2BrightSparks 2015-04-11 13:12:37 -------- d-----w- C:\Users\Dirk\AppData\Local\2BrightSparks ====== C:\Users\Dirk ====== 2015-04-15 18:19:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-04-11 13:12:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2BrightSparks ====== C: exe-files == 2015-05-05 13:26:11 AEEB52EF80726B97D2F1D2CE40D7FFAF 7155080 ----a-w- C:\Program Files (x86)\AVG\AVG2012\Notification\Launcher.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1001\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler" "AVG-Secure-Search-Update_JUNE2013_TB"="C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe /PROMPT /CMPID=JUNE2013_TB" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1002\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Facebook Update"="C:\Users\Dirk\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" @="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" [HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" "PPort12reminder"="C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe -r C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini" "beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup" "Nikon Message Center 2"="C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s" "TrayServer"="C:\Program Files (x86)\MAGIX\Video_deluxe_2008_PLUS\TrayServer.exe" "AVG_TRAY"="C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Facebook Update"="C:\Users\Dirk\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" @="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcSoft Connection Service] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ArcSoft Connection Service" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Common Files\\ArcSoft\\Connection Service\\Bin\\ACDaemon.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BrStsMon00] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BrStsMon00" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Browny02\\Brother\\BrStMonW.exe /AUTORUN" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ControlCenter4] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ControlCenter4" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\ControlCenter4\\BrCcBoot.exe /autorun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IndexSearch] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IndexSearch" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Nuance\\PaperPort\\IndexSearch.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPreload] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesPreload" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Samsung\\Kies\\Kies.exe /preload" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PaperPort PTD] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PaperPort PTD" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Nuance\\PaperPort\\pptd40nt.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PC Suite Tray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PC Suite Tray" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Nokia\\Nokia PC Suite 7\\PCSuite.exe\" -onlytray" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDF5 Registry Controller] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PDF5 Registry Controller" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Nuance\\PDF Viewer Plus\\RegistryController.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDFHook] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PDFHook" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Nuance\\PDF Viewer Plus\\pdfpro5hook.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SymphonyPreLoad] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SymphonyPreLoad" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\IBM\\Lotus\\Symphony\\framework\\shared\\eclipse\\plugins\\com.ibm.symphony.standard.launcher.win32.x86_3.0.1.20120110-2000\\IBM Lotus Symphony\" -nogui -nosplash" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TomTomHOME.exe" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\TomTom HOME 2\\TomTomHOMERunner.exe\"" ==== Startup Folders ====================== 2015-02-12 09:33:38 1135 ----a-w- C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2012-01-31 18:50:58 1300 ----a-w- C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk 2013-02-28 09:22:25 2103 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ \C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002Core.job --a------ [Undetermined Task] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002UA.job --a------ C:\Users\Dirk\AppData\Local\Facebook\Update\FacebookUpdate.exe [06/08/2012 19:27] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28/10/2014 11:28] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28/10/2014 11:28] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002Core" [C:\Users\Dirk\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002UA" [C:\Users\Dirk\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Registration Trigger IBM Lotus Symphony Task" [C:\Program Files (x86)\IBM\Lotus\Symphony\framework\rcp\rcplauncher.exe] "C:\Windows\SysNative\tasks\{0F149FCB-27FD-47FC-922C-1532BED19E87}" [J:\Lotus Organizer 97\Organiser Disk1 - Disk 8\INSTALL.EXE] "C:\Windows\SysNative\tasks\{25A9E8EC-8939-4E61-86D6-1774133BC7E8}" [J:\Lotus Organizer 97\Organiser Disk1 - Disk 8\INSTALL.EXE] "C:\Windows\SysNative\tasks\{4666BE53-331E-40A3-A3A3-CBFE04293AD6}" [E:\SETUP.EXE] "C:\Windows\SysNative\tasks\{663700EA-3034-1400-0A55-9177391EF801}" [C:\Users\Dirk\AppData\Roaming\raOLYQtH\dvAKIHAm\DViFzICi\oSIIWwOKX.exe] "C:\Windows\SysNative\tasks\{71B44408-363F-4BCB-8943-1D25D40E036A}" [E:\SETUP.EXE] "C:\Windows\SysNative\tasks\{9E18404F-CACC-4243-BE17-DE6F5D38E8D2}" [J:\Lotus Organizer 97\Organiser Disk1 - Disk 8\INSTALL.EXE] "C:\Windows\SysNative\tasks\{AC56546B-526C-4297-A8FC-9670BF7B3764}" [J:\Lotus Organizer 97\Organiser Disk1 - Disk 8\INSTALL.EXE] "C:\Windows\SysNative\tasks\{B305BF8E-3081-4888-8652-590E4040904C}" [E:\SETUP.EXE] "C:\Windows\SysNative\tasks\{D633FEBC-526C-41F1-BA76-2427BDF84EF3}" [J:\Lotus Organizer 97\Organiser Disk1 - Disk 8\INSTALL.EXE] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\nnehaohk.default user_pref("browser.search.selectedEngine", "Google"); user_pref("keyword.URL", "http://search.yahoo.com/search?fr=mcafee&p="); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{F53C93F1-07D5-430c-86D4-C9531B27DFAF}"="C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack" [24/11/2014 19:40] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04/04/2014 12:36] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\nnehaohk.default - Ginger - C:\Program Files (x86)\Ginger\Mozilla\adapter@gingersoftware.com - AVG Do Not Track - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack - Undetermined - C:\Program Files (x86)\McAfee\SiteAdvisor - Bitdefender QuickScan - %ProfilePath%\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} ProfilePath: C:\Users\Dirk\AppData\Roaming\TomTom\HOME\Profiles\8iyol1o0.default - Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com - Carminat TomTom - %ProfilePath%\extensions\RenaultTheme@tomtom.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Ginger - %AppDir%\extensions\adapter@gingersoftware.com - Undetermined - %AppDir%\extensions\belgiumeid@eid.belgium.be - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\nnehaohk.default 87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies F475DAA3CF6D19DA49BE7BAC0A966DB3 - C:\Windows\SysWoW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director 9AE02005247DA91AB1743F5208DBEF76 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll - Shockwave Flash CAF78E18A9E1380A0A38065B3B1210E0 - C:\Users\Dirk\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin 3CD19649B2C3023D65E67C056457A2BC - C:\Users\Dirk\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 1CDD28B47D8198F868349BDFBCD1281B - C:\Users\Dirk\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin ==== Chromium Look ====================== Google Chrome Version: 42.0.2311.135 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 12:45] ndibdjnfmopecpmkdieinmbadjfpblof - C:\Program Files (x86)\AVG\AVG2012\Chrome\donottrack.crx[20/04/2012 06:18] Google Docs - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf SiteAdvisor - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Skype Click to Call - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Wallet - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.com/ig/redirectdomain?brand=MDNE&bmod=MDNE", "startup_urls": [ "http://www.google.com/ig/redirectdomain?brand=MDNE&bmod=MDNE" ] ==== Chromium Fix ====================== C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.hln.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.hln.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{EB00FFD9-2AA4-43FA-829E-EA5EFF0C4E39}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {EB00FFD9-2AA4-43FA-829E-EA5EFF0C4E39} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNE_enDE393BE460" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully HKEY_CLASSES_ROOT\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully ==== HijackThis Entries ====================== O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini" O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s O4 - HKLM\..\Run: [TrayServer] C:\Program Files (x86)\MAGIX\Video_deluxe_2008_PLUS\TrayServer.exe O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Dirk\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [SymphonyPreLoad] "C:\Program Files (x86)\IBM\Lotus\Symphony\framework\shared\eclipse\plugins\com.ibm.symphony.standard.launcher.win32.x86_3.0.1.20120110-2000\IBM Lotus Symphony" -nogui -nosplash O4 - HKUS\S-1-5-21-462824799-3137052604-784381099-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-462824799-3137052604-784381099-1001\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User 'UpdatusUser') O4 - HKUS\S-1-5-21-462824799-3137052604-784381099-1001\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler (User 'UpdatusUser') O4 - HKUS\S-1-5-21-462824799-3137052604-784381099-1001\..\Run: [AVG-Secure-Search-Update_JUNE2013_TB] "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB (User 'UpdatusUser') O4 - HKUS\S-1-5-21-462824799-3137052604-784381099-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: Dropbox.lnk = Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.dexia.be O15 - Trusted Zone: http://www.hln.be O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - (no file) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: GingerUpdateService - Ginger Software - C:\Program Files (x86)\Ginger\GingerUpdateService\GingerUpdateService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: UPnPService - Magix AG - C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Dirk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Dirk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Dirk 2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Dirk 2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\TEMP.Dirk-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Dirk\AppData\Local\Mozilla\Firefox\Profiles\nnehaohk.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1547 folders=181 211068996 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Dirk\AppData\Local\Temp will be emptied at reboot C:\Users\Dirk 2\AppData\Local\Temp emptied successfully C:\Users\Public\AppData\Local\Temp emptied successfully C:\Users\TEMP\AppData\Local\Temp emptied successfully C:\Users\TEMP.Dirk-PC\AppData\Local\Temp emptied successfully C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Dirk\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "c:\PROGRA~2\McAfee\SiteAdvisor\x64\saPlugin.dll" not found "C:\Program Files (x86)\McAfee\SiteAdvisor\x64\saPlugin.dll" not found "c:\PROGRA~2\McAfee" not found "C:\Program Files\McAfee Security Scan" not found "C:\Program Files (x86)\McAfee" not found ==== EOF on ma 11/05/2015 at 11:43:36,95 ======================