
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Merino on do 31-12-2015 at 14:53:58,85.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Merino\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== Older Logs ======================

C:\zoek-results2015-12-30-151418.log	38045 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Users\Merino\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Users\Merino\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Program Files (x86)\AVG\AVG PC TuneUp not found
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp deleted
"C:\Windows\Sysnative\Tasks\AVGPCTuneUp_Task_BkGndMaintenance" deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 2934 MB
CPU Info: Intel(R) Pentium(R) CPU        P6000  @ 1.87GHz
CPU Speed: 1866,7 MHz
Sound Card: Luidsprekers en koptelefoons (I | 
Display Adapters: Intel(R) Graphics Media Accelerator HD | Intel(R) Graphics Media Accelerator HD | ATI Mobility Radeon HD 5470  | ATI Mobility Radeon HD 5470  | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm | 
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Atheros AR9285 802.11b/g/n WiFi Adapter
CD / DVD Drives: 1x (F: | ) F: hp      DVDRAM GT31L
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C:  276,1GB | D:  21,7GB | E:  99,3MB
Hard Disks - Free: C:  91,1GB | D:  3,1GB | E:  90,3MB
Manufacturer *: Hewlett-Packard
BIOS Info: AT/AT COMPATIBLE | 06/22/10 | HPQOEM - 1
Time Zone: West-Europa (standaardtijd)
Motherboard *: Hewlett-Packard 144A
Country: Nederland 
Language: NLD 

==== System Specs (Software) ======================

AV: AVG AntiVirus Free Edition *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
Default Browser: Google Chrome	47.0.2526.106
Internet Explorer Version: 11.0.9600.18124 
Google Chrome version: 47.0.2526.106
Adobe Reader version: 15.9.20077.160923
Flash Player version: 20.0.0.267

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-12-28 21:53:47	D1E75542EC8D1B4851765A57AC63618E	1908	----a-w-	C:\Windows\diagwrn.xml
2015-12-28 21:53:47	02D3219818501F8912E2EE28F17A6232	2827	----a-w-	C:\Windows\diagerr.xml
====== C:\Users\Merino\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-12-29 17:25:47	B9C67D7635EA8F1AC5714F8D1B5364E3	9479872	----a-w-	C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-12-28 17:00:09	F4F36D2AA4C3A686F749BF1C46F84C37	32680	----a-w-	C:\Windows\SysWOW64\authuitu.dll
2015-12-27 13:37:50	1EBAD61A39FFA54D0758BFBF7DBD3B12	796864	----a-w-	C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-27 13:37:50	06EBAB5CFA01199CB807260951562839	142528	----a-w-	C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-22 15:51:22	7753FC56F9CAC4B5AFDA3196DB654F21	144664	----a-w-	C:\Windows\SysWOW64\secman.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-12-28 17:00:17	042BCF18CACC921E7B46FEE1A8105C04	46504	----a-w-	C:\Windows\Sysnative\TURegOpt.exe
2015-12-28 17:00:10	29F3CBB16E7A4DAB3B1106227815BDB1	37288	----a-w-	C:\Windows\Sysnative\authuitu.dll
====== C:\Windows\Sysnative\drivers =====
2015-12-09 00:08:12	5BD6B1EC997FF3DD779D62E05D2079A8	146944	----a-w-	C:\Windows\Sysnative\drivers\rmcast.sys
====== C:\Windows\Tasks ======
2015-12-27 13:37:51	340537BFDB60516415FF5A8762B110CD	3878	----a-w-	C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater
2015-12-27 13:37:51	0D122A7377560F3E0D21E9736D5F79CD	940	----a-w-	C:\Windows\Tasks\Adobe Flash Player Updater.job
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2015-12-26 01:30:38	--------	d-----w-	C:\PROGRA~2\Free WMA to MP3 Converter
2015-12-26 01:28:22	--------	d-----w-	C:\PROGRA~2\Audacity
2015-12-22 15:49:31	--------	d-----w-	C:\PROGRA~2\Samsung
2015-12-17 11:42:52	--------	d-----w-	C:\PROGRA~2\COMMON~1\DESIGNER
2015-12-04 20:41:20	--------	d-----w-	C:\PROGRA~2\x264vfw
======= C: =====
====== C:\Users\Merino\AppData\Roaming ======
2015-12-30 13:34:25	--------	d-----w-	C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2015-12-30 13:34:25	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2015-12-30 13:34:25	--------	d-----w-	C:\Users\Merino\AppData\Local\Temp
2015-12-26 01:28:43	--------	d-----w-	C:\Users\Merino\AppData\Roaming\Audacity
2015-12-22 15:56:52	--------	d-----w-	C:\Users\Merino\AppData\Roaming\Samsung
2015-12-22 15:47:42	--------	d-----w-	C:\Users\Merino\AppData\Local\Downloaded Installations
2015-12-17 22:05:47	--------	d-----w-	C:\Users\Merino\AppData\Roaming\vlc
2015-12-12 17:17:00	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Dropbox
2015-12-12 17:16:23	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Dropbox
2015-12-09 23:01:36	--------	d-----w-	C:\Users\Default\AppData\Roaming\TuneUp Software
2015-12-09 23:01:36	--------	d-----w-	C:\Users\Default User\AppData\Roaming\TuneUp Software
2015-12-07 06:32:39	01992F1385DF5A7DBAD3EF009E7192B0	1870432	----a-w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat
2015-12-02 14:55:44	--------	d-----w-	C:\Users\Merino\AppData\Local\Programs
====== C:\Users\Merino ======
2015-12-29 12:53:12	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Merino\Downloads\RSITx64.exe
2015-12-26 01:30:39	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jodix
2015-12-26 01:30:05	28B89D8AEA77B47A86EBAB90120612B1	948090	----a-w-	C:\Users\Merino\Downloads\free-wma-mp3-converter.exe
2015-12-26 01:28:05	DCCEA87D7FA553604861ADBCB86F4513	25186399	----a-w-	C:\Users\Merino\Downloads\audacity-win-2.1.1.exe
2015-12-22 19:24:15	E43C6D90C73276B88B4C01B371DCE12A	43832704	----a-w-	C:\Users\Merino\Downloads\Kies3Setup.exe
2015-12-22 15:57:56	--------	d-----w-	C:\Users\Public\Documents\NativeFus_Log
2015-12-22 15:51:25	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-12-22 15:49:31	--------	d-----w-	C:\ProgramData\Samsung
2015-12-12 17:17:45	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-12 17:16:54	--------	d-----r-	C:\Windows\sysWoW64\config\systemprofile\Documents
2015-12-12 17:16:54	--------	d-----r-	C:\Windows\sysWoW64\config\systemprofile\Desktop
2015-12-04 20:41:20	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\x264vfw

====== C: exe-files ==
2015-12-31 13:52:51	F3B4D38C93D1788A0D28B9399449538E	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-567766478-1147120031-4173233673-1000\$IVANQ6T.exe
2015-12-30 13:03:05	7EA0260488F304D68067A50B33A23AC2	1309184	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-567766478-1147120031-4173233673-1000\$RVANQ6T.exe
2015-12-29 17:25:47	B9C67D7635EA8F1AC5714F8D1B5364E3	9479872	----a-w-	C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-12-29 12:53:12	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Merino\Downloads\RSITx64.exe
2015-12-28 17:00:17	042BCF18CACC921E7B46FEE1A8105C04	46504	----a-w-	C:\Windows\System32\TURegOpt.exe
2015-12-28 16:58:05	F3EF4F73D33DE2DB7DE63D1F385D8830	3141544	----a-w-	C:\Program Files (x86)\AVG\Setup\avgsetupx.exe
2015-12-28 16:58:05	B1B196EAD3B14E6E1C508DEF1A65CED3	797096	----a-w-	C:\Program Files (x86)\AVG\Setup\avgntdumpx.exe
2015-12-27 13:37:50	1EBAD61A39FFA54D0758BFBF7DBD3B12	796864	----a-w-	C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-26 01:30:38	992E3F82E5011D521CD32A4923C72594	674779	----a-w-	C:\Program Files (x86)\Free WMA to MP3 Converter\unins000.exe
2015-12-26 01:30:38	523D2E5F9A0459455501769A7FDD513E	1740800	----a-w-	C:\Program Files (x86)\Free WMA to MP3 Converter\wma_mp3_converter.exe
2015-12-26 01:30:05	28B89D8AEA77B47A86EBAB90120612B1	948090	----a-w-	C:\Users\Merino\Downloads\free-wma-mp3-converter.exe
2015-12-26 01:28:22	CFB0BF2F82935BB89B3E939A6D48F8D3	1487127	----a-w-	C:\Program Files (x86)\Audacity\unins000.exe
2015-12-26 01:28:22	C237DF9EB491D6368A90B22FC5085EF1	8441344	----a-w-	C:\Program Files (x86)\Audacity\audacity.exe
2015-12-26 01:28:05	DCCEA87D7FA553604861ADBCB86F4513	25186399	----a-w-	C:\Users\Merino\Downloads\audacity-win-2.1.1.exe
=== C: other files ==

==== Orphaned Tasks deleted from Registry ======================

AVGPCTuneUp_Task_BkGndMaintenance deleted

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-567766478-1147120031-4173233673-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"="C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun"
"GUDelayStartup"="C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe -delayrun"
"Spotify Web Helper"="C:\Users\Merino\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"
"AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguix.exe /fmw.trayonly"
"AVG_UI"="C:\Program Files (x86)\AVG\Av\avgui.exe /TRAYONLY"
"Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"="C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun"
"GUDelayStartup"="C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe -delayrun"
"Spotify Web Helper"="C:\Users\Merino\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Quick Launch"="C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"HPWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [29-12-2015 18:26]
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [16-11-2015 15:57]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-10-2015 12:08]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Merino-PC-Merino" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\SysNative\tasks\CLMLSvc" [c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\Kernel\CLML\CLMLSvc.exe]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineCore" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineUA" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\DVDAgent" [c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe]
"C:\Windows\SysNative\tasks\GlaryInitialize 5" [C:\Program Files (x86)\Glary Utilities 5\Initialize.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Assistant\PC Tuneup" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Chromium Look ======================

Google Slides - Merino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Merino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Merino\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Merino\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Merino\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Merino\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - Merino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
AdBlock - Merino\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Chrome Web Store Payments - Merino\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Merino\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Merino\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
O23 - Service: Dropbox-update-service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox-update-service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Unknown owner - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\STacSV64.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Merino\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T474FUEY will be deleted at reboot
C:\Users\Merino\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTHDD9LH will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Merino\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1930 folders=65 181790888 bytes)

==== Empty Temp Folders ======================

C:\Users\Merino\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Merino\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Merino\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T474FUEY" not found
"C:\Users\Merino\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTHDD9LH" not found

==== EOF on do 31-12-2015 at 16:18:47,41 ======================