Zoek.exe v5.0.0.0 Updated 05-July-2014 Tool run by Brecht1 on do 10-07-2014 at 20:40:40,58. Microsoft Windows 8 6.2.9200 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Brecht1\Downloads\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2014-02-06-142755.log 21101 bytes C:\zoek-results2014-02-06-163913.log 848 bytes C:\zoek-results2014-02-08-071002.log 12665 bytes C:\zoek-results2014-02-12-065011.log 5379 bytes C:\zoek-results2014-02-13-074815.log 687 bytes C:\zoek-results2014-04-15-171724.log 35836 bytes C:\zoek-results2014-04-16-083445.log 4602 bytes C:\zoek-results2014-04-23-182026.log 2033 bytes C:\zoek-results2014-06-30-154839.log 34139 bytes C:\zoek-results2014-07-07-075442.log 6087 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== ęTorrent Adobe AIR Adobe Flash Player 14 Plugin Adobe Reader XI (11.0.07) - Nederlands Apple Software Update Ashampoo AppLauncher (Medion) v.1.0.0 avast Free Antivirus Betfair.com Poker Brother MFL-Pro Suite Call of Duty Game of the Year Edition CyberLink LabelPrint 2.5 CyberLink MediaEspresso 6.5 CyberLink PhotoDirector 3 CyberLink PhotoNow CyberLink Power2Go 8 CyberLink PowerDirector CyberLink PowerDVD 10 CyberLink PowerDVD Copy 1.5 CyberLink PowerRecover CyberLink YouCam 5 D3DX10 Dolby Home Theater v4 Dropbox EA Download Manager EA Download Manager UI Facebook Video Calling 2.0.0.447 Fotogalerie Galerie de photos Google Chrome Google Update Helper Hattrick Organizer (remove only) HiJackThis Holdem Manager 2 IBM SPSS Statistics 20 Intel PROSet Wireless Intel(R) Management Engine Components Intel(R) Processor Graphics Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology Intel(R) Rapid Storage Technology Intel(R) SDK for OpenCL - CPU Only Runtime Package Intel(R) WiDi Intel© PROSet/Wireless WiFi Software Intel© Trusted Connect Service Client Java 7 Update 60 Logger Pro 3.5.0 Malwarebytes Anti-Malware versie 1.75.0.1300 Medal of Honor (TM) Mediathek Medion Home Cinema 10 Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Movie Maker Mozilla Firefox 30.0 (x86 nl) Mozilla Maintenance Service MSVCRT MSVCRT110 MSVCRT110_amd64 Nova 1.10 NVIDIA Control Panel 307.17 NVIDIA Graphics Driver 307.17 NVIDIA Install Application NVIDIA Optimus 1.10.8 NVIDIA PhysX NVIDIA Update Components PHotkey Photo Common Photo Gallery PKR Poker at bet365 PokerStars.be PokerStrategy.com Equilab PostgreSQL 8.4 QuickLaunch QuickTime Raccolta foto Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition SkypeT 6.14 SMPlayer 0.8.4 Synaptics Pointing Device Driver Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (06/11/2009 1.0.0.0) Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1) Windows Live Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Mobile Apparaatcentrum WinRAR 4.20 (32-bit) ==== Running Processes ====================== C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Windows\SysWOW64\PnkBstrA.exe c:\postgreSQL\bin\pg_ctl.exe c:\postgreSQL\bin\postgres.exe c:\postgreSQL\bin\postgres.exe c:\postgreSQL\bin\postgres.exe c:\postgreSQL\bin\postgres.exe c:\postgreSQL\bin\postgres.exe C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\PHotkey\PHotkey.exe C:\Program Files (x86)\PHotkey\MsgTranAgt.exe C:\Program Files (x86)\PHotkey\HCSynApi.exe C:\Program Files (x86)\PHotkey\POSD.exe C:\Program Files (x86)\PHotkey\GPMTray.exe C:\Program Files\AVAST Software\Avast\avastui.exe C:\Users\Brecht1\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Users\Brecht1\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\Brecht1\Searches deleted ==== Folders Found ====================== ==== Files Found ====================== ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 3978 MB CPU Info: Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz CPU Speed: 2546,2 MHz Sound Card: Speakers (Realtek High Definiti | Realtek Digital Output (Realtek | Display Adapters: Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | NVIDIA GeForce GT 635M Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Bluetooth Device (Personal Area Network) | Intel(R) Centrino(R) Wireless-N 2230 | Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW SN-208BB Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 869,8GB | D: 60,0GB Hard Disks - Free: C: 683,7GB | D: 41,4GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | | MEDION - 1 Time Zone: West-Europa (standaardtijd) Motherboard *: Medion Akoya P6638 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: avast! Antivirus disabled (Outdated) Internet Explorer Version: 10.0.9200.16921 Mozilla Firefox version: 30.0 (x86 nl) Google Chrome version: 35.0.1916.153 Adobe Reader version: 11.0.07.79 Sun Java version: 1.7.0_60 (32-bit) Flash Player version: 14.0.0.145 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Brecht1\AppData\Local\Temp ==== 2014-07-10 10:00:29 5634C601025C31032A0AF1590B4C0CA6 43008 ----a-w- C:\Users\Brecht1\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpksxe0n.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-07-09 06:46:46 1F3780A663053B4CAF108C3524E8CD40 497152 ----a-w- C:\Windows\SysWOW64\qedit.dll 2014-07-07 07:20:36 CEE4C9E092168CEBD187491AF6FDA8FB 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe 2014-07-07 07:20:25 ECB3AB701D6E26F5E54C58957E34E719 175528 ----a-w- C:\Windows\SysWOW64\javaw.exe 2014-07-07 07:20:25 8C7C6D494D86307CDCF63E0478767C16 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-07-07 07:20:25 2251971694E17BAC4E344DC2B7CD7ADD 175528 ----a-w- C:\Windows\SysWOW64\java.exe ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-07-09 06:46:46 47C22FAAC1EC02467790C79B8DB6FCCB 596480 ----a-w- C:\Windows\Sysnative\qedit.dll ====== C:\Windows\Sysnative\drivers ===== 2014-06-17 15:05:39 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf 2014-06-11 13:05:14 8504ADDE9C146C6295B16D13A0007560 619008 ----a-w- C:\Windows\Sysnative\drivers\srv2.sys 2014-06-11 13:05:14 7B9BD186B7672DA1D79D5685BB2904CD 328024 ----a-w- C:\Windows\Sysnative\drivers\Classpnp.sys 2014-06-11 13:04:12 0E0C16EE82E2F4EBC2FBCA24C8F00D9E 2233176 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2014-07-07 07:20:41 -------- d-----w- C:\PROGRA~2\COMMON~1\Java ======= C: ===== ====== C:\Users\Brecht1\AppData\Roaming ====== 2014-07-07 07:52:04 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2014-07-07 07:52:04 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-07-07 07:52:04 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Temp 2014-07-07 07:52:03 -------- d-----w- C:\Users\postgres\AppData\Local\Temp 2014-07-07 07:52:03 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-07-07 07:52:03 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2014-07-07 07:52:03 -------- d-----w- C:\Users\Brecht1\AppData\Local\Temp ====== C:\Users\Brecht1 ====== 2014-07-07 07:20:55 -------- d-----w- C:\ProgramData\Oracle 2014-07-07 07:20:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-07-07 07:12:47 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Users\Brecht1\Downloads\chromeinstall-7u60.exe 2014-07-02 17:44:19 21EF78069109840629939E82BB31BDD0 11858 ----a-w- C:\Users\Brecht1\Inlichtingsfiche NDL.xlsx 2014-06-17 18:31:26 4237440B7119B2E6861DCDD6839C270E 423757 ----a-w- C:\Users\Brecht1\www.natuurpunt.be_uploads_denatuurin_plannetjes_plan_dommeldal_ekselpeer.pdf 2014-06-17 18:27:41 921FAE73D7933676B62AF220A5BC91DF 755357 ----a-w- C:\Users\Brecht1\www.natuurpunt.be_uploads_denatuurin_plannetjes_wandelplan_rammelaars__ham_2010.pdf 2014-06-11 20:05:33 4A229FD1A79454720B015462E632007D 1545319 ----a-w- C:\Users\Brecht1\Nabeschouwing_deel2.docx 2014-06-11 08:30:09 266686E77928F2883AA120EAF64273AC 72230 ----a-w- C:\Users\Brecht1\5840167f.pdf ====== C: exe-files == 2014-07-10 10:58:05 1506B836D9D26D1D2212965906692FDD 254784 ----a-w- C:\Program Files (x86)\PokerStars.BE\br\PokerStarsBr.exe 2014-07-10 10:58:04 D83D22EFC9837B61AA4408073263CC7F 11651904 ----a-w- C:\Program Files (x86)\PokerStars.BE\backup\PokerStars.exe 2014-07-07 07:20:36 CEE4C9E092168CEBD187491AF6FDA8FB 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe 2014-07-07 07:20:25 ECB3AB701D6E26F5E54C58957E34E719 175528 ----a-w- C:\Windows\SysWOW64\javaw.exe 2014-07-07 07:20:25 2251971694E17BAC4E344DC2B7CD7ADD 175528 ----a-w- C:\Windows\SysWOW64\java.exe 2014-07-07 07:20:20 E0FE8B7BE802F8C4A71317AC35E44B00 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmid.exe 2014-07-07 07:20:20 C7C5FF4B0E83702EFBC0C886D87E9743 145832 ----a-w- C:\Program Files (x86)\Java\jre7\bin\unpack200.exe 2014-07-07 07:20:20 B5C9699AA60F74F144DB5A566F6E58F8 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmiregistry.exe 2014-07-07 07:20:20 84FB0EC0581C996F445433BD2379A5CC 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\servertool.exe 2014-07-07 07:20:20 3427C247AFEC295CD4A20B53EE445F23 16808 ----a-w- C:\Program Files (x86)\Java\jre7\bin\tnameserv.exe 2014-07-07 07:20:20 3002E7E937FCB8985320AA807E762845 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\policytool.exe 2014-07-07 07:20:20 0595B07F96E4F48784A4B772B887AD68 49576 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ssvagent.exe 2014-07-07 07:20:19 F9DE7324BDF83F5AFE174354F47C2AE0 16808 ----a-w- C:\Program Files (x86)\Java\jre7\bin\orbd.exe 2014-07-07 07:20:19 E87885A59FDC241B6575943A75E495D9 182696 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jqs.exe 2014-07-07 07:20:19 E2C8F178A57D011518785CF75044CD69 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\keytool.exe 2014-07-07 07:20:19 AEA4E94FC2A2F88FA5EC7FB6BC349E1B 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\klist.exe 2014-07-07 07:20:19 8140DCC3064BA8ADC407D956BE19D764 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\pack200.exe 2014-07-07 07:20:19 62CA7ABA57A4FCDB3844F73A156BAE26 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\kinit.exe 2014-07-07 07:20:19 235A2E87C34995F1837283FE76CD2E46 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ktab.exe 2014-07-07 07:20:18 ECB3AB701D6E26F5E54C58957E34E719 175528 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaw.exe 2014-07-07 07:20:18 CEE4C9E092168CEBD187491AF6FDA8FB 264616 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaws.exe 2014-07-07 07:20:18 82517DE5984F3EA3A49E0B5C8825DA63 68008 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javacpl.exe 2014-07-07 07:20:18 1EFC992CA271E6D40034FBE7BCEDB724 52648 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe 2014-07-07 07:20:17 96777405AB93AF8FCF6C9B6F5C3F1E51 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java-rmi.exe 2014-07-07 07:20:17 2251971694E17BAC4E344DC2B7CD7ADD 175528 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java.exe 2014-07-07 07:20:17 07643C3AF27179144C9800AF0819DE75 48040 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jabswitch.exe 2014-07-07 07:19:51 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\Brecht1\AppData\LocalLow\Sun\Java\jre1.7.0_60\lzma.exe 2014-07-07 07:12:47 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Users\Brecht1\Downloads\chromeinstall-7u60.exe 2014-07-07 06:25:34 E41F3AC355DFA8EEC3E81008C383EC1C 386080 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00005cb3\updatus.18662328_RUNASUSER.exe === C: other files == 2014-07-10 17:49:18 DE651E9A2B1E4F7CB802DBF279B7E5A8 16958 ----a-w- C:\Users\Brecht1\Downloads\Ondertitel.com-416-24.S09E07.HDTV.x264-LOL.zip 2014-07-10 17:04:54 C73A6997CF74FA840BB127885B8EED2B 17786 ----a-w- C:\Users\Brecht1\Downloads\Ondertitel.com-799-24.S09E06.HDTV.x264-LOL.zip 2014-07-10 11:00:27 79D4DFA35010502C462F951ED9A50B0E 17786 ----a-w- C:\Users\Brecht1\Downloads\73ff39e4765ed481e8f943356162d147f05c62cb.zip 2014-07-09 18:48:51 B5773C6911B23600DBA81CB84DF379FE 15935 ----a-w- C:\Users\Brecht1\Downloads\Ondertitel.com-6-24.S09E03.HDTV.x264-LOL.zip 2014-07-09 17:57:04 A5D2507A4E7EA3C61F0865A58DBE9AA7 16964 ----a-w- C:\Users\Brecht1\Downloads\Ondertitel.com-529-24.S09E02.HDTV.LOL.zip 2014-07-09 13:45:38 23A41C38892CE1D3059754611CF5E446 14259 ----a-w- C:\Users\Brecht1\Downloads\Ondertitel.com-417-24.S09E01.HDTV.x264-LOL.zip 2014-07-09 13:44:46 292EC4F99D7E77F623106658710F0FF4 81675 ----a-w- C:\Users\Brecht1\Downloads\Ondertitel.com-860-24.S09E04.HDTV.x264-LOL.zip 2014-07-07 07:20:20 8E29BBCCC8D802D36701633A7842FE74 18636 ----a-w- C:\Program Files (x86)\Java\jre7\lib\deploy\ffjcext.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2444422138-2622892493-4117670433-1002\Software\Microsoft\Windows\CurrentVersion\Run] "Facebook Update"="C:\Users\Brecht1\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CLMLServer_For_P2G8"="C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" "CLVirtualDrive"="C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe /R" "RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" "YouCam Service"="C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe /s" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "BrMfcWnd"="C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN" "ControlCenter3"="C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun" "QuickTime Task"="C:\Program Files (x86)\QuickTime\qttask.exe -atboottime" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Facebook Update"="C:\Users\Brecht1\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 " "BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll,TrayApp" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe " ==== Startup Folders ====================== 2014-05-21 16:17:33 1053 ----a-w- C:\Users\Brecht1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09-07-2014 08:36] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2444422138-2622892493-4117670433-1002Core.job --a-------- C:\Users\Brecht1\AppData\Local\Facebook\Update\FacebookUpdate.exe [23-11-2013 17:35] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2444422138-2622892493-4117670433-1002UA.job --a-------- C:\Users\Brecht1\AppData\Local\Facebook\Update\FacebookUpdate.exe [23-11-2013 17:35] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [23-03-2013 12:19] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe] "C:\Windows\SysNative\tasks\Dolby Selector" [C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2444422138-2622892493-4117670433-1002Core" [C:\Users\Brecht1\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2444422138-2622892493-4117670433-1002UA" [C:\Users\Brecht1\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Synaptics TouchPad Enhancements" [\Program Files\Synaptics\SynTP\SynTPEnh.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [30-04-2014 11:46] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Brecht1\AppData\Roaming\Mozilla\Firefox\Profiles\j9aytboh.default FF0D6F82A0EC13952E83B9439100E45D - C:\Users\Brecht1\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin ==== Chrome Look ====================== Bumblebee Transformers - Brecht1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ablploimnfndjhngijoeekcoillceikj Google Docs - Brecht1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Brecht1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Brecht1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo FoxTrick - Brecht1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpfbbngccefbbndginomofgpagkjckik Last updated at time on date - Brecht1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Google Search - Brecht1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf AdBlock - Brecht1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Google Wallet - Brecht1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Brecht1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR" {10DF6FDB-1610-4B14-A3F2-6ADC8C483C7A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Reset Google Chrome ====================== C:\Users\Brecht1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Brecht1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O1 - Hosts: ::1 localhost O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Brecht1\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - Startup: Dropbox.lnk = Brecht1\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Verzenden naar Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Verzenden naar Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU) O9 - Extra 'Tools' menuitem: Verzenden naar Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: CyberLink PowerDVD 10 MS Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe O23 - Service: CyberLink PowerDVD 10 MS Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\PHotkey\GFNEXSrv.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: postgresql-8.4 - PostgreSQL Server 8.4 (postgresql-8.4) - PostgreSQL Global Development Group - c:/postgreSQL/bin/pg_ctl.exe O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Brecht1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Brecht1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Brecht1\AppData\Local\Mozilla\Firefox\Profiles\j9aytboh.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Brecht1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=478 folders=117 64845505 bytes) ==== Empty Temp Folders ====================== C:\Users\Brecht1\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\postgres\AppData\Local\Temp emptied successfully C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Brecht1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on do 10-07-2014 at 21:26:03,12 ======================