Zoek.exe v5.0.0.0 Updated 27-01-2015 Tool run by Berre on do 29/01/2015 at 18:39:31,05. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Berre\Desktop\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2015-01-28-184425.log 53262 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-543984391-606257222-1702330859-1000\Software\Mozilla\Firefox\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8} deleted successfully ==== Running Processes ====================== C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\windows\SysWOW64\Rezip.exe C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe C:\Users\Berre\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\AVAST Software\Avast\avastui.exe C:\Program Files (x86)\AnyPC Client\APLangApp.exe C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Users\Berre\Desktop\zoek.exe C:\windows\SysWOW64\cmd.exe C:\windows\SysWOW64\cmd.exe C:\windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LiveUpdateSvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\LiveUpdateSvc deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Berre\AppData\Roaming\Mozilla\Firefox\Profiles\0mdgcuqz.default-1418590944946 user.js not found ---- Lines {e4f94d1e-2f53-401e-8885-681602c0ddd8} modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST So ---- FireFox user.js and prefs.js backups ---- prefs_20152901_1852_.backup ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Advanced SystemCare 7] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Advanced SystemCare 8] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Slick Savings] ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\IObit\Advanced SystemCare 7 not found C:\Program Files (x86)\IObit\Advanced SystemCare 8 not found C:\ProgramData\McAfee Security Scan deleted "C:\windows\SysNative\tasks\ASC7_PerformanceMonitor" deleted "C:\windows\SysNative\tasks\ASC7_SkipUac_Berre" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 3950 MB CPU Info: Intel(R) Core(TM) i5 CPU M 450 @ 2.40GHz CPU Speed: 2399.2 MHz Sound Card: Luidsprekers (2- Realtek High D | Display Adapters: NVIDIA GeForce GT 330M | NVIDIA GeForce GT 330M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Bluetooth Device (Personal Area Network) #7 | Qualcomm Atheros AR9285 Wireless Network Adapter CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW TS-L633C Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 290.5GB | D: 290.5GB Hard Disks - Free: C: 98.1GB | D: 288.3GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 12/16/09 | SECCSD - 6222004 Time Zone: Romance (standaardtijd) Motherboard *: SAMSUNG ELECTRONICS CO., LTD. R780 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Spybot - Search and Destroy disabled (Outdated) Anti-Spyware: avast! Antivirus disabled (Outdated) Internet Explorer Version: 11.0.9600.17501 Google Chrome version: 40.0.2214.93 Adobe Reader version: 11.0.10.32 Sun Java version: 1.8.0_31 (32-bit) Sun Java version: 1.8.0_31 (64-bit) Flash Player version: 16.0.0.296 ==== Files Recently Created / Modified ====================== ====== C:\windows ==== ====== C:\Users\Berre\AppData\Local\Temp ==== 2015-01-29 17:05:31 97511FE2CA09CC2E06C3CD6519C3494E 43008 ----a-w- C:\Users\Berre\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnyi7ay.dll ====== Java Cache ===== ====== C:\windows\SysWOW64 ===== 2015-01-20 18:16:50 13D186FA6F19823C598335443CE233BC 98216 ----a-w- C:\windows\SysWOW64\WindowsAccessBridge-32.dll ====== C:\windows\SysWOW64\drivers ===== ====== C:\windows\Sysnative ===== ====== C:\windows\Sysnative\drivers ===== 2015-01-18 14:36:15 64AEB5790901EA8854884981F104CAA6 18960 ----a-w- C:\windows\Sysnative\drivers\LNonPnP.sys 2015-01-13 20:25:11 AE3334958D8F631FF14A0AEB3D7EFB3A 141312 ----a-w- C:\windows\Sysnative\drivers\mrxdav.sys 2015-01-13 19:30:43 7D7FBC9504575D97885A858EA93684F5 5804772 ----a-w- C:\windows\Sysnative\drivers\rtvienna.dat 2015-01-13 19:30:42 D2B1DA73B6E8769A1BE1A55693B7F1B3 4263128 ----a-w- C:\windows\Sysnative\drivers\RTKVHD64.sys 2015-01-13 19:30:40 814231B961760C39A5807A43D8ED71E1 1443340 ----a-w- C:\windows\Sysnative\drivers\RTAIODAT.DAT 2015-01-13 19:25:39 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\windows\Sysnative\drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf 2015-01-04 13:13:36 2232AE1BB51A96A7381A2CA17DF12E24 12866008 ----a-w- C:\windows\Sysnative\drivers\nvlddmkm.sys 2015-01-04 13:11:14 E366A5681C50785D4ED04FCFD65C3415 197408 ----a-w- C:\windows\Sysnative\drivers\nvhda64v.sys 2015-01-04 13:09:17 678D197CAD249F930B7FDD2AFA4C91B0 34544 ----a-w- C:\windows\Sysnative\drivers\Smb_driver_Intel.sys 2015-01-04 13:09:17 678D197CAD249F930B7FDD2AFA4C91B0 34544 ----a-w- C:\windows\Sysnative\drivers\SETF085.tmp ====== C:\windows\Tasks ====== 2015-01-18 13:43:54 93AEAE8C6A063D29A01B89B9E18B529B 3842 ----a-w- C:\windows\Sysnative\Tasks\DriverNavigator Scheduled Scan 2015-01-18 13:43:54 7CF239DAA9BF511E5BE5A30EB9A6A088 436 ----a-w- C:\windows\Tasks\DriverNavigator Scheduled Scan.job 2015-01-16 18:59:22 B03E5AFD2469349CCF6042549574782D 3128 ----a-w- C:\windows\Sysnative\Tasks\{FF06AE39-23B4-4DF3-917E-99804A90B8D6} 2015-01-15 16:43:21 7731AA16ADC6DEA3F00BEC8EFE7F81E2 5060 ----a-w- C:\windows\Sysnative\Tasks\Microsoft Office 15 Sync Maintenance for LaptopBerre-Berre LaptopBerre 2015-01-15 16:12:46 -------- d-----w- C:\windows\Sysnative\Tasks\OfficeSoftwareProtectionPlatform 2015-01-04 13:19:37 5854DC92856A934A6DD798E19BA321F5 3042 ----a-w- C:\windows\Sysnative\Tasks\SAgent ====== C:\windows\Temp ====== ======= C:\Program Files ===== 2015-01-20 18:13:23 -------- d-----w- C:\Program Files\trend micro 2015-01-18 13:43:50 -------- d-----w- C:\Program Files\Easeware 2015-01-15 16:09:14 -------- d-----w- C:\Program Files\Microsoft Office 15 ======= C:\PROGRA~2 ===== 2015-01-26 16:42:14 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2015-01-21 19:25:30 -------- d-----w- C:\PROGRA~2\COMMON~1\DESIGNER 2015-01-20 18:15:49 -------- d-----w- C:\PROGRA~2\Java 2015-01-18 14:49:23 -------- d-----w- C:\PROGRA~2\COMMON~1\Intel Corporation 2015-01-04 13:16:34 -------- d-----w- C:\PROGRA~2\NVIDIA Corporation ======= C: ===== 2015-01-16 18:41:53 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\asc_rdflag ====== C:\Users\Berre\AppData\Roaming ====== 2015-01-28 18:41:19 -------- d-----w- C:\windows\serviceprofiles\networkservice\AppData\Local\Temp 2015-01-28 18:41:19 -------- d-----w- C:\windows\serviceprofiles\Localservice\AppData\Local\Temp 2015-01-28 18:41:19 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2015-01-28 18:41:19 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2015-01-28 18:41:18 -------- d-----w- C:\Users\Berre\AppData\Local\Temp 2015-01-20 18:14:35 -------- d-----w- C:\Users\Berre\AppData\Locallow\Sun 2015-01-18 14:48:31 -------- d-----w- C:\Users\Berre\AppData\Roaming\Intel Corporation 2015-01-18 13:43:55 -------- d-----w- C:\Users\Berre\AppData\Roaming\Easeware 2015-01-05 18:46:54 -------- d-----w- C:\Users\Berre\AppData\Roaming\Leadertech ====== C:\Users\Berre ====== 2015-01-20 18:17:00 -------- d-----w- C:\ProgramData\Sun 2015-01-20 18:16:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-01-20 18:15:56 -------- d-----w- C:\ProgramData\Oracle 2015-01-18 14:48:25 -------- d-----w- C:\windows\sysWoW64\config\systemprofile\Intel 2015-01-18 14:48:20 -------- d-----w- C:\ProgramData\Intel 2015-01-18 14:48:20 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2015-01-18 14:46:39 -------- d-----w- C:\Users\Berre\Intel 2015-01-15 16:12:41 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft 2015-01-15 16:11:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 ====== C: exe-files == 2015-01-27 17:57:29 B88B8DA6B88D10319658833BF4C01CFD 62751 ----a-w- C:\Users\Berre\Downloads\Taken 3 (2015) HQ AC3 DD20 (Externe Subs)\reverse-tools-mac-win\WINDOWS\Setup.exe 2015-01-27 10:07:28 220A0B7B557EFEF7C399CDC1E9DBDA2D 875088 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\40.0.2214.93\40.0.2214.93_40.0.2214.91_chrome_updater.exe 2015-01-26 16:41:35 7479DA0BED071427A3F0017AC51CC27B 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\unpack200.exe 2015-01-26 16:41:35 577F5DCBA4DE4C345631873670F84E79 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\tnameserv.exe 2015-01-26 16:41:34 F9D744CD9BC58F287F8FA59D32508EDD 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\orbd.exe 2015-01-26 16:41:34 DBB5C8AE19ACFA2857CFB90C7305AC56 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssvagent.exe 2015-01-26 16:41:34 DA34E76DE9CD93471F24E7BD43139958 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\kinit.exe 2015-01-26 16:41:34 CDB1FE0DCF2ADB755EBF65C8AEBBC871 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\servertool.exe 2015-01-26 16:41:34 AF82EA1498FEC5C49B8A1AE5AA0A5F6C 77224 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2launcher.exe 2015-01-26 16:41:34 A8884FB8246655C84F110E77DF5E1B4A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\ktab.exe 2015-01-26 16:41:34 8B6DF9CD28359C5E819446FD79CE3948 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\rmiregistry.exe 2015-01-26 16:41:34 69BD74EE834B5629226BF89468B8020B 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\keytool.exe 2015-01-26 16:41:34 5F7C51E0DCA813D647F14FC12AE675F2 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\policytool.exe 2015-01-26 16:41:34 39685FC75B6FB2144E793595F1AB111D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\pack200.exe 2015-01-26 16:41:34 2F77C9862B1A2401278C4A5B932DA69D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\klist.exe 2015-01-26 16:41:34 0FB2ACAC796B166F6486B593B604A3FF 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\rmid.exe 2015-01-26 16:41:33 F5EA785B2BCC08DC28CBC2D96E05F2C1 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe 2015-01-26 16:41:33 DF1C8EDDAF14D2960A06A9DF7B2D0A89 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\java-rmi.exe 2015-01-26 16:41:33 B0D46640968F989830413EB88F43E0D0 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\java.exe 2015-01-26 16:41:33 90C02BD6D01BBC1C620323F9E330E89C 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\jjs.exe 2015-01-26 16:41:33 52C8B9FD016E6317FDB151296FF90877 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaws.exe 2015-01-26 16:41:33 3E72E1AB196855916E2065C604674631 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe 2015-01-26 16:41:33 063A1044A451660B159426B9C5E75957 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\jabswitch.exe === C: other files == 2015-01-29 17:06:36 0AACD2FC5E718ACA8DFFF13ABE5699D3 172426 ----a-w- C:\Users\Berre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QG94PLG4\RegisterDevice[1].zip 2015-01-29 17:06:14 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Berre\AppData\Local\Temp\avastBCLTMP\nfengeggddojhakldhlpjdlddgkkjkddabcabcabcabcabcabcabcabcabc.zip 2015-01-29 17:06:14 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Berre\AppData\Local\Temp\avastBCLTMP\nfengeggddojhakldhlpjdlddgkkjkddabcabcabcabcabcabcabcabc.zip 2015-01-29 17:06:14 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Berre\AppData\Local\Temp\avastBCLTMP\nfengeggddojhakldhlpjdlddgkkjkddabcabcabcabc.zip 2015-01-29 17:06:14 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Berre\AppData\Local\Temp\avastBCLTMP\nfengeggddojhakldhlpjdlddgkkjkddabcabcabc.zip 2015-01-29 17:06:14 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Berre\AppData\Local\Temp\avastBCLTMP\nfengeggddojhakldhlpjdlddgkkjkddabcabc.zip 2015-01-29 17:06:14 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Berre\AppData\Local\Temp\avastBCLTMP\eofcbnmajmjmplflapaojjnihcjkigck.zip 2015-01-26 16:41:36 3315140254247E248C3531F159C79109 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\lib\deploy\ffjcext.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-543984391-606257222-1702330859-1000\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "UpdatePDRShortCut"="C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\PowerDirector UpdateWithCreateOnce Software\CyberLink\PowerDirector\7.0" "UpdatePPShortCut"="C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\PowerProducer UpdateWithCreateOnce Software\CyberLink\PowerProducer\5.0" "UpdatePSTShortCut"="C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\DVD Suite UpdateWithCreateOnce Software\CyberLink\PowerStarter" "UCam_Menu"="C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\YouCam UpdateWithCreateOnce Software\CyberLink\YouCam\2.0" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "APLangApp"="c:\program files (x86)\anypc client\aplangapp.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming" "IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "command"="c:\\program files (x86)\\common files\\adobe\\arm\\1.0\\adobearm.exe" "hkey"="HKLM" "item"="Adobe ARM" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "command"="c:\\program files (x86)\\common files\\ahead\\lib\\nmbgmonitor.exe" "hkey"="HKCU" "item"="BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer] "command"="c:\\program files (x86)\\cyberlink\\power2go\\clmlsvc.exe" "hkey"="HKLM" "item"="CLMLServer" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GarminExpressTrayApp] "command"="c:\\program files (x86)\\garmin\\express tray\\expresstray.exe" "hkey"="HKCU" "item"="GarminExpressTrayApp" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPreload] "command"="c:\\program files (x86)\\samsung\\kies\\kies.exe /preload" "hkey"="HKCU" "item"="KiesPreload" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent] "command"="c:\\program files (x86)\\samsung\\kies\\kiestrayagent.exe" "hkey"="HKLM" "item"="KiesTrayAgent" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDVD8LanguageShortcut] "command"="c:\\program files (x86)\\cyberlink\\powerdvd8\\language\\language.exe" "hkey"="HKLM" "item"="PDVD8LanguageShortcut" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl8] "command"="c:\\program files (x86)\\cyberlink\\powerdvd8\\pdvd8serv.exe" "hkey"="HKLM" "item"="RemoteControl8" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl] "command"="c:\\program files\\realtek\\audio\\hda\\ravcpl64.exe -s" "hkey"="HKLM" "item"="RtHDVCpl" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg] "command"="c:\\program files (x86)\\google\\googletoolbarnotifier\\googletoolbarnotifier.exe" "hkey"="HKCU" "item"="swg" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SynTPEnh] "command"="%programfiles%\\synaptics\\syntp\\syntpenh.exe" "hkey"="HKLM" "item"="SynTPEnh" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateLBPShortCut] "command"="c:\\program files (x86)\\cyberlink\\labelprint\\muitransfer\\muistartmenu.exe\" \"c:\\program files (x86)\\cyberlink\\labelprint\" updatewithcreateonce \"software\\cyberlink\\labelprint\\2.5" "hkey"="HKLM" "item"="UpdateLBPShortCut" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateP2GoShortCut] "command"="c:\\program files (x86)\\cyberlink\\power2go\\muitransfer\\muistartmenu.exe\" \"c:\\program files (x86)\\cyberlink\\power2go\" updatewithcreateonce \"software\\cyberlink\\power2go\\6.0" "hkey"="HKLM" "item"="UpdateP2GoShortCut" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk] "item"="Bluetooth" "backup"="C:\\windows\\pss\\Bluetooth.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\WIDCOMM\\BLUETO~1\\BTTray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Berre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk] "item"="Dropbox" "backup"="C:\\windows\\pss\\Dropbox.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\Users\\Berre\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe" "path"="C:\\Users\\Berre\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk" ==== Startup Folders ====================== 2015-01-26 17:15:15 1138 ----a-w- C:\Users\Berre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [26/01/2015 21:32] C:\windows\tasks\DriverNavigator Scheduled Scan.job --a------ C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe [] C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-543984391-606257222-1702330859-1000Core.job --a------ C:\Users\Berre\AppData\Local\Facebook\Update\FacebookUpdate.exe [] C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-543984391-606257222-1702330859-1000UA.job --a------ C:\Users\Berre\AppData\Local\Facebook\Update\FacebookUpdate.exe [] C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08/11/2013 18:22] C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08/11/2013 18:22] ==== Other Scheduled Tasks ====================== "C:\windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\windows\SysNative\tasks\Adobe Flash Player Updater" [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\windows\SysNative\tasks\advSRS4" ["C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe"] "C:\windows\SysNative\tasks\APSchedulerC" [C:\Program Files (x86)\AnyPC Client\APLanMgrC.exe] "C:\windows\SysNative\tasks\avastBCLRestartS-1-5-21-543984391-606257222-1702330859-1000" [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe] "C:\windows\SysNative\tasks\BatteryLifeExtender" [C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe] "C:\windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\windows\SysNative\tasks\Driver Booster SkipUAC (Berre)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\windows\SysNative\tasks\Driver Booster SkipUAC (SYSTEM)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\windows\SysNative\tasks\DriverNavigator Scheduled Scan" [C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe] "C:\windows\SysNative\tasks\EasyBatteryManager" ["%ProgramFiles(x86)%\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe"] "C:\windows\SysNative\tasks\EasySpeedUpManager" ["%programfiles(x86)%\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe"] "C:\windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-543984391-606257222-1702330859-1000Core" [C:\Users\Berre\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-543984391-606257222-1702330859-1000UA" [C:\Users\Berre\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\windows\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe] "C:\windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\windows\SysNative\tasks\SAgent" ["C:\Program Files\Samsung\S Agent\CommonAgent.exe"] "C:\windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\windows\SysNative\tasks\SmartDefrag3_Startup" [C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe] "C:\windows\SysNative\tasks\SmartDefrag3_Update" [C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe] "C:\windows\SysNative\tasks\SUPBackground" ["%ProgramFiles%\Samsung\Samsung Update Plus\SUPBackground.exe"] "C:\windows\SysNative\tasks\Uninstaller_SkipUac_Berre" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe] "C:\windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"] "C:\windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe"] "C:\windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe"] "C:\windows\SysNative\tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms" [C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Berre\AppData\Roaming\Mozilla\Firefox\Profiles\0mdgcuqz.default-1418590944946 user_pref("browser.startup.homepage", "https://www.google.be/"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{F003DA68-8256-4b37-A6C4-350FA04494DF}"="C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt" [18/01/2015 15:35] ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== ==== Chromium Look ====================== Google Chrome Version: 40.0.2214.93 (Up to date, latest Stable version: 40.0.2214.93) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dflinnddekagfkncpgojoppgnppfkbkj - No path found[] gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[16/11/2014 20:08] heoldelcflnigdllmlopiefhkkobendj - No path found[] Google Docs - Berre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Berre\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Berre\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Berre\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - Berre\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Berre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{CF49125D-FBA8-47CD-B46F-628DEEE6C6B8}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_nlBE560" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="https://www.google.com/search?q={searchTerms}" {CF49125D-FBA8-47CD-B46F-628DEEE6C6B8} Startpage Url="https://startpage.com/do/search?query={searchTerms}&trackid=sp-001" ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [UpdatePDRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0" O4 - HKLM\..\Run: [UpdatePPShortCut] "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0" O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [APLangApp] c:\program files (x86)\anypc client\aplangapp.exe O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O4 - Startup: Dropbox.lnk = Berre\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: Verzenden naar Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Verzenden naar &Bluetooth-apparaat... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.1.0.0/GarminAxControl_32.CAB O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing) O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing) O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Rezip - Unknown owner - C:\windows\SysWOW64\Rezip.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: Sony Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe O23 - Service: Sony Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing) O23 - Service: SW Update Service (SWUpdateService) - Samsung Electronics CO., LTD. - C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Berre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Berre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Berre\AppData\Local\Mozilla\Firefox\Profiles\ijyim6b1.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Berre\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1133 folders=125 85258818 bytes) ==== Empty Temp Folders ====================== C:\Users\Berre\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\windows\Temp successfully emptied C:\Users\Berre\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on do 29/01/2015 at 19:04:22,86 ======================