Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Nathalie on zo 17/07/2016 at 15:04:26,54. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Nathalie\Downloads\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 17/07/2016 15:09:00 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\AVS4YOU deleted successfully C:\PROGRA~2\Mozilla Firefox deleted successfully C:\PROGRA~2\Pixum deleted successfully C:\PROGRA~3\Evernote deleted successfully C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully C:\PROGRA~3\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted successfully C:\Users\Nathalie\AppData\Roaming\.# deleted successfully C:\Users\Nathalie\AppData\Roaming\Lite deleted successfully C:\Users\Nathalie\AppData\Roaming\QuickScan deleted successfully C:\Users\Nathalie\AppData\Roaming\talimama deleted successfully C:\Users\Nathalie\AppData\Roaming\{E2395997-866B-4668-A533-8FAF32FD4048} deleted successfully C:\Users\Nathalie\AppData\Local\Cyberlink deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully HKEY_USERS\S-1-5-21-897849699-3048257354-2142024257-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} deleted successfully HKEY_USERS\S-1-5-21-897849699-3048257354-2142024257-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Low 
Rights\ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully HKEY_USERS\S-1-5-21-897849699-3048257354-2142024257-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully HKEY_USERS\S-1-5-21-897849699-3048257354-2142024257-1000\Software\Classes\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully ==== Installed Programs ====================== µTorrent Acer Backup Manager Acer Crystal Eye Webcam Acer ePower Management Acer eRecovery Management Acer ScreenSaver Adblock Plus voor IE (32-bit en 
64-bit) Adobe Acrobat Reader DC - Nederlands Adobe AIR Adobe Flash Player 16 NPAPI Adobe Flash Player 22 ActiveX Adobe Refresh Manager Adobe Shockwave Player 12.1 ANT Drivers Installer x64 ATI Catalyst Install Manager Backup Manager V3 Bitdefender Agent Bitdefender Total Security 2016 Bluetooth Stack for Windows by Toshiba Catalyst Control Center - Branding Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish clear.fi Client D3DX10 EAX4 Unified Redist Elevated Installer Explor@ Park Fooz Kids Fooz Kids Platform Free M4a to MP3 Converter 7.1 Garmin Express Garmin Express Tray Garmin MapInstall Garmin USB Drivers Google Chrome Google Earth Google Update Helper Identity Card Intel(R) Management Engine Components Intel(R) Rapid Storage Technology Intel(R) Turbo Boost Technology Monitor 2.0 Launch Manager Logitech SetPoint 6.65 Microsoft .NET Framework 4.5 NLD Language Pack Microsoft .NET Framework 4.6.1 Microsoft Application Error Reporting Microsoft Office 2010 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.42 False Microsoft Visual C++ 2005 Redistributable - x86 8.0.51011 False Microsoft Visual C++ 2005 Redistributable - x86 8.0.56336 False Microsoft Visual C++ 2005 Redistributable - x86 8.0.58299 False Microsoft Visual C++ 2005 Redistributable - x86 8.0.59193 False Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - 
x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 False Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.0 False Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 False Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 False Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 False Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 False Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 False Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 False Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5570 False Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 Redistributable - x86 10.0.30319 False Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 False Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 False Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 False Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 False Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 False Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 False Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 Movie Maker Mozilla Maintenance Service Mozilla Thunderbird 38.7.2 (x86 nl) MSVCRT MSVCRT110 MSVCRT110_amd64 MyWinLocker MyWinLocker 4 MyWinLocker Suite OpenOffice.org 3.4.1 PDFCreator Photo Common Photo Gallery Pixum Fotowereld Popcorn-Time PX Profile Update Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Reimage Protector Renesas Electronics USB 3.0 Host Controller Driver Samsung AllShare SAMSUNG USB Driver for Mobile Phones Security Update for Microsoft .NET Framework 
4.6.1 (KB3122661) Security Update for Microsoft .NET Framework 4.6.1 (KB3127233) Security Update for Microsoft .NET Framework 4.6.1 (KB3136000) Security Update for Microsoft .NET Framework 4.6.1 (KB3136000v2) Security Update for Microsoft .NET Framework 4.6.1 (KB3142037) Security Update for Microsoft .NET Framework 4.6.1 (KB3143693) Shredder SketchUp 2016 SkypeT 7.0 SoulseekQt Splinter Cell - Blacklist Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) swMSM Synaptics Pointing Device Driver Tom Clancy's Splinter Cell Double Agent TurboCAD Professional 20 64-bit Visual Studio 2010 x64 Redistributables Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables VTech Download Agent Library Welcome Center Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack WinRAR 5.00 (32-bit) WinRAR 5.00 (64-bit) ==== Running Processes ====================== C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCRtp.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Launch Manager\dsiwmis.exe C:\Program Files\Bitdefender Agent\ProductAgentService.exe C:\Program Files (x86)\Launch Manager\LMutilps32.exe C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine 
Components\UNS\UNS.exe C:\Users\Nathalie\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BaiduHips deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BaiduHips deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BDMRTP deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BDMRTP deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iSafeService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\iSafeService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QQRepair103e deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\QQRepair103e deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QQRepair18e0 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\QQRepair18e0 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QQRepair1b1e deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\QQRepair1b1e deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QQRepair1c8a deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\QQRepair1c8a deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QQRepair23a6 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\QQRepair23a6 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QQRepair7c8 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\QQRepair7c8 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QQRepair90f deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\QQRepair90f deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QQRepairFixSVC deleted successfully 
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\QQRepairFixSVC deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ReimageRealTimeProtector deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ReimageRealTimeProtector deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QMUdisk deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\QMUdisk deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TAOKernelDriver deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TAOKernelDriver deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TSSysKit deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TSSysKit deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TAOAccelerator deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TAOAccelerator deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iSafeKrnl deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\iSafeKrnl deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iSafeNetFilter deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\iSafeNetFilter deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "mbot_be_014010259"=- " QQPCTray"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15DEE173-1BE9-4424-81E0-58A87076E9B1}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] ==== Deleting Files \ Folders ====================== C:\PROGRA~2\AVS4YOU not found C:\PROGRA~2\Mozilla Firefox not found C:\PROGRA~2\Pixum not found C:\Program Files (x86)\Baidu not found C:\Program Files (x86)\Elex-tech not found C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found C:\PROGRA~3\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} not found C:\Program Files (x86)\Common Files\Baidu deleted C:\Program Files\Reimage deleted C:\ProgramData\Reimage Protector deleted C:\ProgramData\TXQMPC deleted C:\Users\Nathalie\AppData\Roaming\GiftBag.db deleted C:\Users\Nathalie\AppData\Roaming\temp.ini deleted C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Tencent deleted C:\PROGRA~3\ProductData deleted C:\PROGRA~3\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F} deleted C:\PROGRA~3\{CA2FACF7-9029-4A21-892B-E7F60B39FF1A} deleted C:\PROGRA~3\{D76294E6-03B8-4971-AF2E-3F846161A690} deleted C:\PROGRA~3\Package Cache deleted C:\Users\Nathalie\AppData\Local\cache deleted C:\Users\Nathalie\Downloads\ilivid_download_manager.exe deleted C:\Users\Nathalie\Downloads\ReimageRepair (1).exe deleted C:\Users\Nathalie\Downloads\ReimageRepair.exe deleted C:\Users\Nathalie\AppData\LocalLow\ADSRemoval deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\IObit Apps deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Nation toolbar deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted C:\Windows\Reimage.ini deleted C:\Windows\wininit.ini deleted C:\windows\SysNative\tasks\ReimageUpdater deleted C:\windows\SysNative\tasks\ASC7_PerformanceMonitor deleted C:\windows\SysNative\tasks\Game_Booster_AutoUpdate deleted 
C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Users\Nathalie\AppData\Roaming\6534.exe deleted C:\Users\Nathalie\glkneswx.exe deleted C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\ue1m91jg.default\extensions\speeddial@instair.net deleted "C:\PROGRA~3\Tencent\QQPCMgr\FileUpload.db" not deleted "C:\PROGRA~3\Tencent\QQPCMgr\QMConfig.hiv" not deleted "C:\PROGRA~3\Tencent\QQPCMgr\QMConfig.hiv.LOG1" not deleted "C:\PROGRA~3\Tencent\QQPCMgr\QMConfig.hiv.LOG2" not deleted "C:\PROGRA~3\Tencent\QQPCMgr\QMConfig.hiv{7cf0afd5-f1f8-11e5-a85b-806e6f6e6963}.TM.blf" not deleted "C:\PROGRA~3\Tencent\QQPCMgr\QMConfig.hiv{7cf0afd5-f1f8-11e5-a85b-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms" not deleted "C:\PROGRA~3\Tencent\QQPCMgr\QMConfig.hiv{7cf0afd5-f1f8-11e5-a85b-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms" not deleted "C:\PROGRA~3\Tencent\QQPCMgr\Startup.hiv" not deleted "C:\PROGRA~3\Tencent\QQPCMgr\Startup.hiv.LOG1" not deleted "C:\PROGRA~3\Tencent\QQPCMgr\Startup.hiv.LOG2" not deleted "C:\PROGRA~3\Tencent\QQPCMgr\Startup.hiv{856c617e-025f-11e6-ab51-b870f49db042}.TM.blf" not deleted "C:\PROGRA~3\Tencent\QQPCMgr\Startup.hiv{856c617e-025f-11e6-ab51-b870f49db042}.TMContainer00000000000000000001.regtrans-ms" not deleted "C:\PROGRA~3\Tencent\QQPCMgr\Startup.hiv{856c617e-025f-11e6-ab51-b870f49db042}.TMContainer00000000000000000002.regtrans-ms" not deleted "C:\PROGRA~3\Tencent\QQPCMgr\SoftMgr\softuninstalllog.db" not deleted "C:\PROGRA~3\Tencent\QQPCMgr\TAVWfsDB\TAVCache.db" not deleted "C:\PROGRA~3\Tencent\QQPCMgr\TAVWfsDB\WhiteList.db" not deleted "C:\Program Files (x86)\Tencent" not deleted "C:\PROGRA~2\Tencent" not deleted "C:\PROGRA~3\Tencent" not deleted "C:\Program Files (x86)\Tencent\QQPCMgr" not deleted "C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218" not deleted "C:\PROGRA~2\Tencent\QQPCMgr" not deleted "C:\PROGRA~2\Tencent\QQPCMgr\11.3.17201.218" not deleted "C:\PROGRA~3\Tencent\QQPCMgr" not deleted 
"C:\PROGRA~3\Tencent\QQPCMgr\SoftMgr" not deleted "C:\PROGRA~3\Tencent\QQPCMgr\TAVWfsDB" not deleted ==== System Specs ====================== Operating System: Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 64-bits Manufacturer: Acer - Model: Aspire 7750G Install Date: 18/06/2013 20:59:42 Last Boot: 17/07/2016 10:59:42 Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz Number of Processors: 4 Work Station Bootmode: Normal boot Total RAM: 6125 MB (free 3940 MB - 64) Computername: NATHALIE-PC Domain: WORKGROUP User: Nathalie (Administrator account) Local Disk: C:\ - NTFS - 339 GB (free 121 GB) Local Disk: D:\ - NTFS - 339 GB (free 283 GB) CD \ DVD Drive: E:\ Bootdevice: \Device\HarddiskVolume2 Windows update: Country: België Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Bitdefender Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Bitdefender Antispyware disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Firewall: Bitdefender Firewall disabled Default Browser: Google Chrome 51.0.2704.103 Internet Explorer Version: 10.0.9200.17609 Google Chrome version: 51.0.2704.103 Adobe Reader version: 15.17.20050.192152 Flash Player version: 16.0.0.235 Shockwave Player version: 12.1.3r153 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Nathalie\AppData\Local\Temp ==== 2016-07-10 13:32:08 DD845F4FE28455F08DD8FB2A71C46D09 47814912 ----a-w- C:\Users\Nathalie\AppData\Local\Temp\GarminExpressInstaller.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2016-07-17 09:03:30 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Nathalie\AppData\Roaming ====== 2016-06-26 16:47:11 -------- d-----w- 
C:\Users\Nathalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder ====== C:\Users\Nathalie ====== 2016-07-17 09:02:59 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Nathalie\Downloads\RSITx64.exe 2016-06-26 16:47:19 -------- d-----w- C:\ProgramData\Gaijin ====== C: exe-files == 2016-07-17 09:03:31 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Nathalie.exe 2016-07-17 09:02:59 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Nathalie\Downloads\RSITx64.exe 2016-07-10 13:32:08 DD845F4FE28455F08DD8FB2A71C46D09 47814912 ----a-w- C:\Users\Nathalie\AppData\Local\Temp\GarminExpressInstaller.exe === C: other files == ==== Orphaned Tasks deleted from Registry ====================== ASC7_PerformanceMonitor deleted clear.fiMovieService.exe_1836550421 deleted Game_Booster_AutoUpdate deleted ReimageUpdater deleted ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-897849699-3048257354-2142024257-1000\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" "IsMyWinLockerReboot"="msiexec.exe 
/qn /x{voidguid}" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] " QQPCTray"="C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCTray.exe /regrun" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming" "Bdagent"="C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe" ==== Startup Registry Disabled ====================== [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "AVG-Secure-Search-Update_0913b"="C:\\Users\\Nathalie\\AppData\\Roaming\\AVG 0913b Campaign\\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid eb05d7f9370c47d3888e6939b27959b1-d83714c3422d8b911f9fb0d2ce452d3b07f04b9d --CMPID 0913b" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AllShareAgent] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AllShareAgent" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Samsung\\AllShare\\AllShareAgent.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcadeMovieService] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ArcadeMovieService" "hkey"="HKLM" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BackupManagerTray] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BackupManagerTray" "hkey"="HKLM" "command"="\"C:\\Program 
Files (x86)\\NTI\\Acer Backup Manager\\BackupManagerTray.exe\" -h -k " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BitTorrent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BitTorrent" "hkey"="HKCU" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GarminExpressTrayApp] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GarminExpressTrayApp" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Garmin\\Express Tray\\ExpressTray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LManager] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LManager" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Launch Manager\\LManager.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Power Management] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Power Management" "hkey"="HKLM" "command"="C:\\Program Files\\Acer\\Acer ePower Management\\ePowerTray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Nathalie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk] "path"="C:\\Users\\Nathalie\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OpenOffice.org 3.4.1.lnk" "backup"="C:\\Windows\\pss\\OpenOffice.org 3.4.1.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~2\\OPENOF~1.ORG\\program\\QUICKS~1.EXE " "item"="OpenOffice.org 3.4.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Application Updater] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\bthserv] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\EgisTec Ticket Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared 
Tools\MSConfig\Services\Fax] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Garmin Core Update Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wlidsvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WMPNetworkSvc] ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [25/04/2016 20:18] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [25/04/2016 20:18] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\ASC7_SkipUac_Nathalie" [C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe /SkipUac] "C:\Windows\SysNative\tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864" [C:\Program Files\Bitdefender Agent\WatchDog.exe] "C:\Windows\SysNative\tasks\Driver Booster SkipUAC (Nathalie)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\SysNative\tasks\EgisUpdate" ["C:\Program Files\EgisTec IPS\EgisUpdate.exe"] "C:\Windows\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\PMMUpdate" ["C:\Program Files\EgisTec IPS\PMMUpdate.exe"] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] ==== Firefox Start and Search pages ====================== ProfilePath: 
C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\4wwiona8.default-1393590751205 user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.newtab.url", "http://www.google.com"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "bdwteffv20@bitdefender.com"="C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff" [16/03/2016 20:48] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "bdwteffv20@bitdefender.com"="C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff" [16/03/2016 20:48] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\4wwiona8.default-1393590751205 - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi ProfilePath: C:\Users\Nathalie\AppData\Roaming\Thunderbird\Profiles\sa4qsifo.default - Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} ProfilePath: C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\ue1m91jg.default - Undetermined - %ProfilePath%\extensions\searchads@instair.net ==== Firefox Plugins ====================== Profilepath: C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\4wwiona8.default-1393590751205 424899266BA430CCE5DDB6C1B4BE1B99 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll - Shockwave Flash DCB0BCEF594E2C410793C4A823C318F3 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll - Shockwave for Director / Shockwave for Director C195AC4544729A69CFF30BB62F473054 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll - Shockwave for Director / Shockwave for Director ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dhhejlifdlcgcmogbggeomfodgklfaem - No path found[] Google Slides - 
Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Bitdefender Wallet - Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhhejlifdlcgcmogbggeomfodgklfaem
Google Sheets - Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Chrome Web Store Payments - Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Chrome Media Router - Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Fix ======================

C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.360yield.com_0.localstorage deleted successfully
C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.360yield.com_0.localstorage-journal deleted successfully
C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0191A6B0-1154-4C22-9182-23A95BBE92D9}"
HKLM\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9} - http://www.google.com/search?q={searchTerms}
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0191A6B0-1154-4C22-9182-23A95BBE92D9}"
HKLM\Wow6432Node\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes "DefaultScope"="{0191A6B0-1154-4C22-9182-23A95BBE92D9}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9} - http://www.google.com/search?q={searchTerms}

==== Reset Google Chrome ======================

C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeMovieService deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {15DEE173-1BE9-4424-81E0-58A87076E9B1} - (no file)
O2 - BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O3 - Toolbar: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll
O4 - HKLM\..\Run: [ QQPCTray] "C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCTray.exe" /regrun
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com//activex/ractrl.cab?lmi=2063
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - The OpenVPN Project - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QQPCMgr RTP Service (QQPCRTP) - Tencent - C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\QQPCRtp.exe
O23 - Service: QQRepair167d - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Nathalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Nathalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Nathalie\AppData\Local\Mozilla\Firefox\Profiles\4wwiona8.default-1393590751205\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=469 folders=138 138833708 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Nathalie\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Nathalie\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~3\Tencent\QQPCMgr\FileUpload.db" not found
"C:\PROGRA~3\Tencent\QQPCMgr\QMConfig.hiv" not found
"C:\PROGRA~3\Tencent\QQPCMgr\QMConfig.hiv.LOG1" not found
"C:\PROGRA~3\Tencent\QQPCMgr\QMConfig.hiv.LOG2" not found
"C:\PROGRA~3\Tencent\QQPCMgr\QMConfig.hiv{7cf0afd5-f1f8-11e5-a85b-806e6f6e6963}.TM.blf" not found
"C:\PROGRA~3\Tencent\QQPCMgr\QMConfig.hiv{7cf0afd5-f1f8-11e5-a85b-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms" not found
"C:\PROGRA~3\Tencent\QQPCMgr\QMConfig.hiv{7cf0afd5-f1f8-11e5-a85b-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms" not found
"C:\PROGRA~3\Tencent\QQPCMgr\Startup.hiv" not found
"C:\PROGRA~3\Tencent\QQPCMgr\Startup.hiv.LOG1" not found
"C:\PROGRA~3\Tencent\QQPCMgr\Startup.hiv.LOG2" not found
"C:\PROGRA~3\Tencent\QQPCMgr\Startup.hiv{856c617e-025f-11e6-ab51-b870f49db042}.TM.blf" not found
"C:\PROGRA~3\Tencent\QQPCMgr\Startup.hiv{856c617e-025f-11e6-ab51-b870f49db042}.TMContainer00000000000000000001.regtrans-ms" not found
"C:\PROGRA~3\Tencent\QQPCMgr\Startup.hiv{856c617e-025f-11e6-ab51-b870f49db042}.TMContainer00000000000000000002.regtrans-ms" not found
"C:\PROGRA~3\Tencent\QQPCMgr\SoftMgr\softuninstalllog.db" not found
"C:\PROGRA~3\Tencent\QQPCMgr\TAVWfsDB\TAVCache.db" not found
"C:\PROGRA~3\Tencent\QQPCMgr\TAVWfsDB\WhiteList.db" not found
"C:\Program Files (x86)\Tencent" not found
"C:\PROGRA~2\Tencent" not found
"C:\PROGRA~3\Tencent" not found

==== EOF on zo 17/07/2016 at 16:55:33,87 ======================