Zoek.exe Version 5.0.0.0 Updated 06-December-2015 Tool run by Dirk on di 08/12/2015 at 17:15:51,64. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Dirk\Desktop\zoek (1).exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2015-05-11-094336.log 64671 bytes C:\zoek-results2015-05-15-092733.log 65081 bytes C:\zoek-results2015-05-16-091424.log 68529 bytes C:\zoek-results2015-12-08-151622.log 56665 bytes C:\zoek-results2015-12-08-161155.log 69532 bytes ==== Empty Folders Check ====================== \.com_ibm_tools_attach \12071510-00001bf8-yi6uolfhxo \12071511-00001bf8-08id2g25dk \12071511-00001bf8-1pdko88e9c \12071511-00001bf8-a8kl6uhtjy \12071511-00001bf8-dn6z49i2co \12071511-00001bf8-ed0st0mehl \12071511-00001bf8-its8g9dd63 \12071511-00001bf8-mqi3o9e8po \12071511-00001bf8-p558svmir4 \12071511-00001bf8-sl6xe79bhr \12071511-00001bf8-tjmw6tnu1r \12071511-00001bf8-z848w73all \12071512-00001bf8-b2zb6lowvd \12071512-00001bf8-egohbyigq7 \12071512-00001bf8-gek67yvueo \12071512-00001bf8-hzkpfb0hpk \12071512-00001bf8-irk1rluobs \12071512-00001bf8-k6heeshy44 \12071512-00001bf8-levymp7vmr \12071512-00001bf8-mrt1akzgqn \12071512-00001bf8-qjo4m2lfnm \12071512-00001bf8-ql4fb0ylpp \12071512-00001bf8-v2b0zy104e \12071512-00001bf8-vdwue3o9lk \12071512-00001bf8-wltrtx5ax2 \12071512-00001bf8-z0o573dxmm \12071513-00001bf8-3272vm2muz \12071513-00001bf8-3996c9z679 \12071513-00001bf8-8m6kqz3le9 \12071513-00001bf8-am72vmhw47 \12071513-00001bf8-jb6uk2bscl \12071513-00001bf8-llr9nzji1n \12071513-00001bf8-p8jmvbno69 \12071513-00001bf8-s0rlsfyqxo \12071513-00001bf8-yvox1meuoh \12071513-00001bf8-zy7e58py9p \12071514-00001bf8-017v39szk1 \12071514-00001bf8-1kd30lvn9h \12071514-00001bf8-3lyfnoh732 \12071514-00001bf8-5yuv6um3vk \12071514-00001bf8-8mv3yz40fj \12071514-00001bf8-d8wuyik7pg \12071514-00001bf8-dh1ayho9bi \12071514-00001bf8-emtnldms5o \12071514-00001bf8-euef5prpsz \12071514-00001bf8-fbyfni5on3 \12071514-00001bf8-hhi1kioo43 \12071514-00001bf8-k9x3srk91j \12071514-00001bf8-net6cphafm \12071514-00001bf8-nzw2l5hcaa \12071514-00001bf8-rh2vdecsjt \12071514-00001bf8-rmcmee7dp7 \12071514-00001bf8-uc0ewv5vwi \12071514-00001bf8-zdqrre8j15 \12071515-00001bf8-0ckokhiaui \12071515-00001bf8-1zicjcvxlh \12071515-00001bf8-4dpjuov915 \12071515-00001bf8-78cno5actn \12071515-00001bf8-7s4tn0tfhe \12071515-00001bf8-a9163n56k6 \12071515-00001bf8-ehl5damlln \12071515-00001bf8-ennhu3xvgn \12071515-00001bf8-gdso91io6k \12071515-00001bf8-icf1k6e4ji \12071515-00001bf8-iwgh7eqmut \12071515-00001bf8-kp3u89uclj \12071515-00001bf8-nn7pqnfc6y \12071515-00001bf8-o77z00g6ez \12071515-00001bf8-swu7444e0y \12071515-00001bf8-wjtikot5wp \12071515-00001bf8-wk8hgows6l \12071515-00001bf8-zog5n21lzi \12071516-00001bf8-3zk4zimavo \12071516-00001bf8-4w3ljgyzub \12071516-00001bf8-8a3qfoas6n \12071516-00001bf8-cq26yguqwp \12071516-00001bf8-esp7v605t5 \12071516-00001bf8-g1b93poe5i \12071516-00001bf8-gme12hdob5 \12071516-00001bf8-leer5mha0g \12071516-00001bf8-o7pypbt9l1 \12071516-00001bf8-oej7f08jda \12071516-00001bf8-w5fcuelqgr \12071516-00001bf8-wxfyd00nsw \12071516-00001bf8-xuqv8ja2d2 \12071516-00001bf8-yvoemm13r0 \12071516-00001bf8-z7xdwuxry2 \12071517-00001bf8-42uxmty9gv \12071517-00001bf8-as1sbj7nib \12071517-00001bf8-gfs2ilxqp1 \12071517-00001bf8-kly888xwcm \12071517-00001bf8-lza8bend5x \12071517-00001bf8-rjxrhv9c58 \12071517-00001bf8-t3sd06w2au \12071517-00001bf8-t4l7odbetf \12071517-00001bf8-vp9847e61o \12071518-00001bf8-0ype6t8yol \12071518-00001bf8-180d1bfpzx \12071518-00001bf8-2hk6tpx0cu \12071518-00001bf8-36kwdt0726 \12071518-00001bf8-3c6e5mkqpe \12071518-00001bf8-5sg9zg85by \12071518-00001bf8-77nlamziix \12071518-00001bf8-avghe87wkf \12071518-00001bf8-bu62nm7rhv \12071518-00001bf8-epe7gk5gmy \12071518-00001bf8-hm5yeqpsgq \12071518-00001bf8-kaddfvpezz \12071518-00001bf8-kk2jgp2qeq \12071518-00001bf8-polq40tngm \12071518-00001bf8-pug3oddapz \12071518-00001bf8-qifpi6eqoh \12071518-00001bf8-qjxktssaar \12071518-00001bf8-u5mn9ys7oy \12071518-00001bf8-wjiq67zqe7 \12071518-00001bf8-x0xcgjyc3s \12071518-00001bf8-x8xg4dy6of \12071519-00001bf8-57n3lo50us \12071519-00001bf8-5dhv5stv6m \12071519-00001bf8-73vxjd6tfx \12071519-00001bf8-7un37oczo1 \12071519-00001bf8-7ybtqhr2dj \12071519-00001bf8-8xucbhdyvo \12071519-00001bf8-9mg5w7kzpd \12071519-00001bf8-9uj2i7cuyo \12071519-00001bf8-cqachf7x7l \12071519-00001bf8-enticgg6h5 \12071519-00001bf8-ermy3tgy4q \12071519-00001bf8-ldwso2rqme \12071519-00001bf8-lqt0tbeoj2 \12071519-00001bf8-m2kg5m2zwm \12071519-00001bf8-nh3048dsu4 \12071519-00001bf8-s49g10ifh4 \12071519-00001bf8-sep00g1t3j \12071519-00001bf8-t6nu32rhmq \12071519-00001bf8-t7766c835c \12071519-00001bf8-uw4isszuev \12071519-00001bf8-zdl49ymz0d \12071519-00001bf8-zu2r27lkme \12071520-00001bf8-3zjg6b1iw9 \12071520-00001bf8-5tmtj0juca \12071520-00001bf8-arndce62ch \12071520-00001bf8-o8y0l9tyf7 \12071520-00001bf8-v2bvklcug5 \12071523-00001bf8-83jerm61kh \12071533-00001bf8-j1pbnvd5v0 \12071542-000010a8-f3ns0yvvoc \21C4.tmp \A45E20A8-5FDF-4f44-AE46-067F5263536C \acro_rd_dir \Adobe \Adobe_ADMLogs \avg-98d4c234-bf68-4a5a-a319-6a0d302eca1a-toast \avg-ef239576-45b5-4176-ae62-1f5c309b0677-toast \comtypes_cache \DPE \Excel8.0 \ge3968 \ge6376 \Google Toolbar \hsperfdata_Dirk \ImageDebug \Low \MessengerCache \msdt \msohtmlclip \msohtmlclip1 \OICE_7730D919-D73D-410C-B949-2274A4807956.0 \plugtmp \SilverStreakLog \Skype \VBE \wlmail-433777574 \WPDNSE \{6CD73578-E629-4CE1-A93A-5A74CF6942FB} \{F81D6FE8-FEC8-4AF8-8573-4DCD2FD2F9DC} \{F9662515-8B45-48E6-A4CA-5279E2C00AD6} \~DEST ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== 4500_G510nz_Help 4500G510nz 4500G510nz_Software_Min 64 Bit HP CIO Components Installer Adobe AIR Adobe Flash Player 19 ActiveX Adobe Flash Player 19 NPAPI Adobe Reader X (10.1.16) MUI Adobe Refresh Manager Adobe Shockwave Player 11.6 Apple Application Support (32-bit) Apple Application Support (64-bit) Apple Mobile Device Support Apple Software Update ArcSoft Panorama Maker 5 Ashampoo Burning Studio Ashampoo Photo Commander Ashampoo Photo Optimizer Ashampoo Snap Asmedia ASM104x USB 3.0 Host Controller Driver AVEO USB2.0 PC Camera(S5HVTV1P20821) AVG AVG 2016 AVG Protection Belgium e-ID middleware 4.0.7 (build 7466) Bonjour Brother MFL-Pro Suite MFC-7360N BufferChm CCleaner Corel Graphics - Windows Shell Extension Corel Graphics - Windows Shell Extension 64 Bit CorelDRAW Essentials X5 - Common CorelDRAW Essentials X5 - Connect CorelDRAW Essentials X5 - Custom Data CorelDRAW Essentials X5 - DE CorelDRAW Essentials X5 - Draw CorelDRAW Essentials X5 - EN CorelDRAW Essentials X5 - ES CorelDRAW Essentials X5 - Extra Content CorelDRAW Essentials X5 - Filters CorelDRAW Essentials X5 - FR CorelDRAW Essentials X5 - IPM CorelDRAW Essentials X5 - IT CorelDRAW Essentials X5 - PHOTO-PAINT CorelDRAW Essentials X5 - Redist CorelDRAW Essentials X5 - Setup Files CorelDRAW Essentials X5 - WT CorelDRAW Essentials X5 CyberLink LabelPrint CyberLink MediaEspresso CyberLink Power2Go CyberLink PowerDVD Copy CyberLink PowerRecover CyberLink YouPaint D3DX10 Definition Update for Microsoft Office 2010 (KB3101540) 32-Bit Edition Destinations DeviceDiscovery DocMgr DocProc Dropbox Facebook Video Calling 3.1.0.521 Fax Firebird 2.1.1.17910 (Win32) Firebird SQL Server - MAGIX Edition FMW 1 Fotogalerie Fotogalerija Fotograf Galerisi Fot¢t r Galeria de Fotografias do Windows Live Galer¡a de fotos Galeria fotografii Galerie de photos Google Chrome Google Earth Google Earth Plug-in Google Earth Pro Google SketchUp 8 Google Toolbar for Internet Explorer Google Update Helper GPBaseService2 HiJackThis HP Customer Participation Program 13.0 HP Document Manager 2.0 HP Imaging Device Functions 13.0 HP Officejet 4500 G510n-z HP Smart Web Printing 4.5 HP Solution Center 13.0 HP Update HPDiagnosticAlert HPProductAssistant HPSSupply IBM Lotus Symphony Intel(R) Management Engine Components Intel(R) Rapid Storage Technology IrfanView (remove only) iTunes Java 8 Update 66 Java Auto Updater Junk Mail filter update Lotus Organizer 97 MAGIX Foto Manager 2007 4.1.1.89 (NL) MAGIX Music Manager 2007 8.1.1.98 (NL) MAGIX Video deluxe 2008 PLUS 7.0.2.3 (NL) MAGIX Xtreme Photo Designer 6 6.0.20.0 (NL) Malwarebytes Anti-Malware versie 2.0.2.1012 MarketResearch McAfee Security Scan Plus McAfee WebAdvisor Medion Home Cinema Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft .NET Framework 4.5.2 Microsoft Application Error Reporting Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Home and Student 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 64-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft OneDrive Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Microsoft XML Parser MioMore Desktop Movie Maker Mozilla Firefox 41.0.2 (x86 nl) Mozilla Maintenance Service MSI to redistribute MS VS2005 CRT libraries MSVC90_x64 MSVC90_x86 MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2721691) MSXML 4.0 SP3 Parser (KB2758694) MSXML 4.0 SP3 Parser (KB973685) MyFreeCodec Network64 Nikon File Uploader 2 Nikon Message Center 2 Nitro Reader 3 Nokia Connectivity Cable Driver Nokia PC Suite Nuance PaperPort 12 Nuance PDF Viewer Plus NVIDIA-configuratiescherm 331.65 NVIDIA 3D Vision controllerstuurprogramma 306.23 NVIDIA 3D Vision stuurprogramma 331.65 NVIDIA Grafisch stuurprogramma 331.65 NVIDIA HD Audio-stuurprogramma 1.3.18.0 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX systeemsoftware 9.12.0604 NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.15.2 NVIDIA Update Components OCR Software by I.R.I.S. 13.0 Paint Shop Pro 7 Anniversary Edition PaperPort Image Printer 64-bit PC Connectivity Solution PCDJ Red 5.0 Photo Common Photo Gallery Picture Control Utility Pimero 2011 R3 Free Edition PLATINUM PV-Monitor v2.2.1 PlayReady PC Runtime amd64 Poczta uslugi Windows Live Podstawowe programy Windows Live Posta Windows Live QuickTime 7 Raccolta foto Realtek High Definition Audio Driver S?????? f?t???af??? Samsung Kies SAMSUNG USB Driver for Mobile Phones Scan Scansoft PDF Professional Security Update for Microsoft .NET Framework 4.5.2 (KB3074230) Security Update for Microsoft .NET Framework 4.5.2 (KB3074550) Security Update for Microsoft .NET Framework 4.5.2 (KB3097996) Security Update for Microsoft .NET Framework 4.5.2 (KB3098781) Security Update for Microsoft Access 2010 (KB3101544) 32-Bit Edition Security Update for Microsoft Excel 2010 (KB3101543) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2878230) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553313) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598244) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2920748) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2965310) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3054848) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3085560) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3101521) 32-Bit Edition Security Update for Microsoft OneNote 2010 (KB3054978) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2920812) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB3085594) 32-Bit Edition Security Update for Microsoft Publisher 2010 (KB2817478) 32-Bit Edition Security Update for Microsoft Visio 2010 (KB3101526) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2965313) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Shop for HP Supplies Skype Click to Call SkypeT 7.0 SmartWebPrinting SolutionCenter Speccy Spelling Dictionaries Support For Adobe Reader X Status Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5) Sunny Design 2.20 Switch Sound File Converter swMSM SyncBackFree Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD TeamViewer 9 TomTom HOME TomTom HOME Visual Studio Merge Modules Toolbox TrayApp Update for Microsoft Excel 2010 (KB2956084) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2881026) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition Update for Microsoft Office 2010 (KB2553388) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589318) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2791057) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition Update for Microsoft Office 2010 (KB2837592) 32-Bit Edition Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition Update for Microsoft Office 2010 (KB3054886) 32-Bit Edition Update for Microsoft Office 2010 (KB3054977) 32-Bit Edition Update for Microsoft Office 2010 (KB3055042) 32-Bit Edition Update for Microsoft Office 2010 (KB3055047) 32-Bit Edition Update for Microsoft Office 2010 (KB3085512) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition Update for Microsoft Outlook 2010 (KB3085604) 32-Bit Edition Update for Microsoft Outlook 2010 (KB3101535) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2881021) 32-Bit Edition VASCO Card Reader Plug-In (64-Bit) VASCO Smart Card Reader Plug-In (User) ViewNX 2 Visual Studio 2008 x64 Redistributables Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables WavePad Sound Editor WebReg Windows-stuurprogrammapakket - Nokia Modem (02/25/2011 4.7) Windows-stuurprogrammapakket - Nokia Modem (02/25/2011 7.01.0.9) Windows-stuurprogrammapakket - Nokia pccsmcfd (08/22/2008 7.0.0.0) Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live Fotogalleri Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Temel Par‡alar Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Liven asennusty”kalu Windows Liven s„hk”posti Windows Liven valokuvavalikoima WinZip 17.5 ==== Running Processes ====================== C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe C:\Windows\SysWOW64\svchost.exe C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\AVG\Av\avgui.exe C:\Program Files (x86)\AVG\Framework\Common\avguix.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Users\Dirk\Desktop\zoek (1).exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== ==== Registry Search Results for "dssrequest" ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\dssrequest] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\PROTOCOLS\Handler\dssrequest] ==== Registry Search Results for "sacore" ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DAABE21E-DB8C-49b8-9511-9E6547ECBC5F}] "AppName"="McSACore.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1979E8FF-4A11-4B60-AE19-BB8CBE8B829C}] @="IMcSACore" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5022E998-676C-442A-897C-9DBD268FE261}] @="IMcSACoreCheckSum" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\sacore] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1979E8FF-4A11-4B60-AE19-BB8CBE8B829C}] @="IMcSACore" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{5022E998-676C-442A-897C-9DBD268FE261}] @="IMcSACoreCheckSum" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\PROTOCOLS\Handler\sacore] ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 4078 MB CPU Info: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz CPU Speed: 3036,0 MHz Sound Card: Realtek HD Audio 2nd output (Re | Display Adapters: NVIDIA GeForce GTX 550 Ti | NVIDIA GeForce GTX 550 Ti | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Realtek PCIe GBE Family Controller | Realtek RTL8191SU Wireless LAN 802.11n USB 2.0 Network Adapter CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW SH-216AB Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 1811,9GB | D: 50,0GB | F: 189,9GB Hard Disks - Free: C: 1557,6GB | D: 22,2GB | F: 110,8GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 08/15/11 | MEDION - 7292010 Time Zone: Romance (standaardtijd) Motherboard *: MEDIONPC MS-7728 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== AV: AVG AntiVirus Free Edition *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: AVG AntiVirus Free Edition *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE} Internet Explorer Version: 11.0.9600.18097 Mozilla Firefox version: 41.0.2 (x86 nl) Google Chrome version: 47.0.2526.73 Adobe Reader version: 10.1.16.13 Sun Java version: 1.8.0_66 (32-bit) Sun Java version: 1.8.0_66 (64-bit) Flash Player version: 19.0.0.245 Shockwave Player version: 11.6.1r629 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Dirk\AppData\Local\Temp ==== 2015-12-08 14:38:56 ECA3AE15FC14FF9736F637143F4C5A96 71168 ----a-w- C:\Users\Dirk\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpagnlvb.dll 2015-12-07 14:23:34 282791611C9DBA51A4425DE58CC8DF27 7710720 ----a-w- C:\Users\Dirk\AppData\Local\Temp\12071523-00001bf8-83jerm61kh\WLXSuite.msi 2015-12-03 08:32:50 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Dirk\AppData\Local\Temp\GURFD22.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2015-12-07 14:24:54 8DE1B4F579F8F8897409856F3BB7A7D2 58056 ----a-w- C:\Windows\Sysnative\drivers\fssfltr.sys 2015-11-13 09:47:38 33D52A96BEEE8AFCE9E07EEC9FE0C9DB 154560 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2015-11-13 09:47:37 EC0511BB85BAA42A9734011685A6732C 460776 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2015-11-13 09:47:35 BCC83F22805F560C8A487F2F296A78FE 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2015-11-13 09:47:33 ACB763673BCCE6C7B3B8F858C9FE4F1F 129024 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2015-11-13 09:47:33 7C81098FBAF2EAF5B54B939F832B0F61 290816 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys 2015-11-13 09:47:33 73ADDCC406B86E7DA4416691E8E74BDA 159232 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2015-11-13 09:46:38 AA77EB517D2F07A947294F260E3ACA83 118272 ----a-w- C:\Windows\Sysnative\drivers\tdx.sys 2015-11-13 09:46:38 9A4A1EEE802BF2F878EE8EAB407B21B7 497664 ----a-w- C:\Windows\Sysnative\drivers\afd.sys 2015-11-13 09:46:28 F7309F42555F8AAB7144A51A1F2585B0 950720 ----a-w- C:\Windows\Sysnative\drivers\ndis.sys ====== C:\Windows\Tasks ====== 2015-12-03 09:35:37 -------- d-----w- C:\Windows\Sysnative\Tasks\Leader Technologies ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-12-07 14:24:32 -------- d-----w- C:\Program Files\Windows Live ======= C:\PROGRA~2 ===== 2015-12-08 10:44:39 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2015-12-07 14:17:22 -------- d-----w- C:\PROGRA~2\Microsoft OneDrive ======= C: ===== ====== C:\Users\Dirk\AppData\Roaming ====== 2015-12-08 16:11:55 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2015-12-08 16:11:55 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2015-12-08 16:11:55 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Temp 2015-12-08 16:11:55 -------- d-----w- C:\Users\TEMP\AppData\Local\Temp 2015-12-08 16:11:55 -------- d-----w- C:\Users\TEMP.Dirk-PC\AppData\Local\Temp 2015-12-08 16:11:55 -------- d-----w- C:\Users\Public\AppData\Local\Temp 2015-12-08 16:11:55 -------- d-----w- C:\Users\Dirk 2\AppData\Local\Temp 2015-12-08 16:11:55 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2015-12-08 16:11:55 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2015-12-03 09:35:24 -------- d-----w- C:\Users\Dirk\AppData\Roaming\Leadertech 2015-11-13 09:50:49 -------- d-----w- C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox ====== C:\Users\Dirk ====== 2015-12-08 10:38:07 54760F6D9991A94FE0B6CD83AE8377B4 584288 ----a-w- C:\Users\Dirk\Downloads\JavaSetup8u66 (1).exe 2015-12-08 10:37:51 54760F6D9991A94FE0B6CD83AE8377B4 584288 ----a-w- C:\Users\Dirk\Downloads\JavaSetup8u66.exe 2015-12-07 18:36:50 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Dirk\Downloads\RSITx64.exe 2015-12-07 14:17:15 -------- d-----r- C:\Users\Dirk\OneDrive 2015-12-07 14:16:50 -------- d-----w- C:\ProgramData\Microsoft OneDrive 2015-12-07 10:14:39 D1FD677582820AB3A60528EAC18FE31C 1243328 ----a-w- C:\Users\Dirk\Downloads\wlsetup-web.exe 2015-11-28 14:31:02 56D908278E935A9CF12D571FF29C81E2 929872 ----a-w- C:\Users\Dirk\Dropbox\chromecastinstaller.exe 2015-11-28 14:29:51 56D908278E935A9CF12D571FF29C81E2 929872 ----a-w- C:\Users\Dirk\Downloads\chromecastinstaller.exe ====== C: exe-files == 2015-12-08 10:43:41 FDF059C05249FAEA0221ED65CD59A9C8 68192 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\javacpl.exe 2015-12-08 10:43:41 F003BBCB09CACF8A9F4CE0C67A2D6E63 278624 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\javaws.exe 2015-12-08 10:43:41 EFC80BC662BCC20B0B09700636FDC732 30816 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\jabswitch.exe 2015-12-08 10:43:41 D8EEED21B06866E85DA30485F5059FF6 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\servertool.exe 2015-12-08 10:43:41 CA51FB3FE5012E21D9A14AC071527866 76896 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2launcher.exe 2015-12-08 10:43:41 ADAF1151B29D2D1691FA027B6C55B3D7 50784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssvagent.exe 2015-12-08 10:43:41 A9E84AD3536425BC68263B723C2442E4 191072 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\java.exe 2015-12-08 10:43:41 8977B87AB10AB1DA8769CA0053B401B0 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\jjs.exe 2015-12-08 10:43:41 7BE9BE6E15653824A28F5CED6B273588 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\klist.exe 2015-12-08 10:43:41 7BDD7F1BC2A20971DEE17B6920D61BBC 191584 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\javaw.exe 2015-12-08 10:43:41 73368169BFD965EC6257E77C23CED879 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\rmiregistry.exe 2015-12-08 10:43:41 525027DF51378DDA25F0F52C20BCB132 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\kinit.exe 2015-12-08 10:43:41 46AB480B01CD30801B3AE89B5AAE75A8 16480 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\orbd.exe 2015-12-08 10:43:41 3B306D41F07396975ECE34A860BD9036 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\pack200.exe 2015-12-08 10:43:41 36A44033C6B970F95E2A1448F4481CEA 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\keytool.exe 2015-12-08 10:43:41 28FB06FC63D5817153B5502A49DF3F00 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\ktab.exe 2015-12-08 10:43:41 17A8DD2484DC26E38DFE3209C8B36980 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\policytool.exe 2015-12-08 10:43:41 0B82777B13B81417E5520DF7B1E8C319 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\rmid.exe 2015-12-08 10:43:41 0A3936FE18FC04350159A1E647201501 16480 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\tnameserv.exe 2015-12-08 10:43:41 092F4D3C25F3086D4C7FDEC79DD71302 159328 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\unpack200.exe 2015-12-08 10:43:41 04D67FF5044A605F1E7D923A1D6F1751 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\java-rmi.exe 2015-12-08 10:40:34 4DF8AE87AF8B98D84F2D0C0B66550E5B 6000232 ----a-w- C:\ProgramData\Avg\Setup\av\avgmfapx.exe 2015-12-08 10:40:34 3CAF959D7275C91B2DB96BF60AFEB6EF 71592 ----a-w- C:\ProgramData\Avg\Setup\av\avguirux.exe 2015-12-08 10:17:13 9F76983EE43584A1A10B8B08B3BF1615 43870800 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\47.0.2526.73\47.0.2526.73_chrome_installer.exe 2015-12-07 14:17:57 1C7B42662625CB22E1CAA241A1D845CC 6912080 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\47.0.2526.73\47.0.2526.73_46.0.2490.86_chrome_updater.exe 2015-12-07 14:17:22 B18FF6F1680E0B2E2F2A63AD2F335AA7 6081224 ----a-w- C:\Program Files (x86)\Microsoft OneDrive\OneDriveSetup.exe 2015-12-07 14:17:22 B18FF6F1680E0B2E2F2A63AD2F335AA7 6081224 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\271b67df1d130f903\onedrivesetup.exe 2015-12-07 14:11:36 DDCE338BB173B32024679D61FB4F2BA6 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2d2497221d130f906\DXSETUP.exe 2015-12-07 14:11:19 F5443547CAAC20AA334A88817579270F 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2265e1f41d130f902\DXSETUP.exe 2015-12-07 14:11:12 DDCE338BB173B32024679D61FB4F2BA6 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\1c83b7071d130f901\DXSETUP.exe 2015-12-02 09:11:26 BA7396EF42213C0F84343C186610B851 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleUpdateWebPlugin.exe 2015-12-02 09:11:25 EC0FAADC62E1C1DADA953DE433BEFB01 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleUpdateOnDemand.exe 2015-12-02 09:11:25 AD8495335C1A605A4E0E32334DF52303 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleUpdateBroker.exe 2015-12-02 09:11:24 1D652959033B873B77B8D5A12011FD85 927824 ----a-w- C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleUpdateSetup.exe 2015-12-02 09:11:13 5424FDF3776F5458EAFAABFB87AA9285 130888 ----atw- C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleUpdateComRegisterShell64.exe 2015-12-02 09:11:12 7DC16FAEA44C8D96A1C113305A4059A2 245576 ----atw- C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe 2015-12-02 09:11:12 73F542663FD48B49A798A56DAA18C136 307016 ----atw- C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe 2015-12-02 09:11:10 88FBBB1C601A6BC42054E57C2897FA45 144200 ----atw- C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleUpdate.exe 2015-12-02 09:11:02 1D652959033B873B77B8D5A12011FD85 927824 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.29.1\GoogleUpdateSetup.exe === C: other files == 2015-12-08 10:43:42 4DB4B1F67E583B41F841F48254BE38E3 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\lib\deploy\ffjcext.zip 2015-12-07 14:16:54 6DA967AC75C23FBFB920A54A40607812 5843 ----a-w- C:\Users\Dirk\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\CollectOneDriveLogs.bat ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1001\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1002\Software\Microsoft\Windows\CurrentVersion\Run] "ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" "TrayServer"="C:\Program Files (x86)\MAGIX\Video_deluxe_2008_PLUS\TrayServer.exe" "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "AVG_UI"="C:\Program Files (x86)\AVG\Av\avgui.exe /TRAYONLY" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguix.exe /fmw.trayonly" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcSoft Connection Service] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ArcSoft Connection Service" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Common Files\\ArcSoft\\Connection Service\\Bin\\ACDaemon.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BrStsMon00] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BrStsMon00" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Browny02\\Brother\\BrStMonW.exe /AUTORUN" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ControlCenter4] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ControlCenter4" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\ControlCenter4\\BrCcBoot.exe /autorun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dropbox Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Dropbox Update" "hkey"="HKCU" "command"="\"C:\\Users\\Dirk\\AppData\\Local\\Dropbox\\Update\\DropboxUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Facebook Update" "hkey"="HKCU" "command"="\"C:\\Users\\Dirk\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IndexSearch] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IndexSearch" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Nuance\\PaperPort\\IndexSearch.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPreload] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesPreload" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Samsung\\Kies\\Kies.exe /preload" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesTrayAgent" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Samsung\\Kies\\KiesTrayAgent.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Nikon Message Center 2] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Nikon Message Center 2" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Nikon\\Nikon Message Center 2\\NkMC2.exe -s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PaperPort PTD] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PaperPort PTD" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Nuance\\PaperPort\\pptd40nt.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PC Suite Tray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PC Suite Tray" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Nokia\\Nokia PC Suite 7\\PCSuite.exe\" -onlytray" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDF5 Registry Controller] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PDF5 Registry Controller" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Nuance\\PDF Viewer Plus\\RegistryController.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDFHook] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PDFHook" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Nuance\\PDF Viewer Plus\\pdfpro5hook.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PPort12reminder] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PPort12reminder" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Nuance\\PaperPort\\Ereg\\Ereg.exe\" -r \"C:\\ProgramData\\ScanSoft\\PaperPort\\12\\Config\\Ereg\\Ereg.ini\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SymphonyPreLoad] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SymphonyPreLoad" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\IBM\\Lotus\\Symphony\\framework\\shared\\eclipse\\plugins\\com.ibm.symphony.standard.launcher.win32.x86_3.0.1.20120110-2000\\IBM Lotus Symphony\" -nogui -nosplash" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TomTomHOME.exe" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\TomTom HOME 2\\TomTomHOMERunner.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Dirk^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk] "path"="C:\\Users\\Dirk\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk" "backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\Users\\Dirk\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup" "item"="Dropbox" ==== Startup Folders ====================== 2015-11-13 09:51:23 1135 ----a-w- C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2012-01-31 18:50:58 1300 ----a-w- C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk 2013-02-28 09:22:25 2103 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [13/11/2015 11:44] C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002Core.job --a------ [Undetermined Task] C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002UA.job --a------ C:\Users\Dirk\AppData\Local\Dropbox\Update\DropboxUpdate.exe [18/06/2015 09:22] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002Core.job --a------ [Undetermined Task] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002UA.job --a------ C:\Users\Dirk\AppData\Local\Facebook\Update\FacebookUpdate.exe [06/08/2012 18:27] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29/08/2015 17:58] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29/08/2015 17:58] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002Core" [C:\Users\Dirk\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002UA" [C:\Users\Dirk\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002Core" [C:\Users\Dirk\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002UA" [C:\Users\Dirk\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Registration Trigger IBM Lotus Symphony Task" [C:\Program Files (x86)\IBM\Lotus\Symphony\framework\rcp\rcplauncher.exe] "C:\Windows\SysNative\tasks\{0F149FCB-27FD-47FC-922C-1532BED19E87}" [J:\Lotus Organizer 97\Organiser Disk1 - Disk 8\INSTALL.EXE] "C:\Windows\SysNative\tasks\{25A9E8EC-8939-4E61-86D6-1774133BC7E8}" [J:\Lotus Organizer 97\Organiser Disk1 - Disk 8\INSTALL.EXE] "C:\Windows\SysNative\tasks\{4666BE53-331E-40A3-A3A3-CBFE04293AD6}" [E:\SETUP.EXE] "C:\Windows\SysNative\tasks\{663700EA-3034-1400-0A55-9177391EF801}" [C:\Users\Dirk\AppData\Roaming\raOLYQtH\dvAKIHAm\DViFzICi\oSIIWwOKX.exe] "C:\Windows\SysNative\tasks\{71B44408-363F-4BCB-8943-1D25D40E036A}" [E:\SETUP.EXE] "C:\Windows\SysNative\tasks\{9E18404F-CACC-4243-BE17-DE6F5D38E8D2}" [J:\Lotus Organizer 97\Organiser Disk1 - Disk 8\INSTALL.EXE] "C:\Windows\SysNative\tasks\{AC56546B-526C-4297-A8FC-9670BF7B3764}" [J:\Lotus Organizer 97\Organiser Disk1 - Disk 8\INSTALL.EXE] "C:\Windows\SysNative\tasks\{B305BF8E-3081-4888-8652-590E4040904C}" [E:\SETUP.EXE] "C:\Windows\SysNative\tasks\{D633FEBC-526C-41F1-BA76-2427BDF84EF3}" [J:\Lotus Organizer 97\Organiser Disk1 - Disk 8\INSTALL.EXE] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\NCH Software\wavepadShakeIcon" [C:\Program Files (x86)\NCH Software\WavePad\WavePad.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\nnehaohk.default user_pref("browser.startup.homepage", "http://www.hln.be/"); user_pref("browser.search.selectedEngine", "Google"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [28/02/2013 10:23] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [28/02/2013 10:23] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\nnehaohk.default - Bitdefender QuickScan - %ProfilePath%\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} ProfilePath: C:\Users\Dirk\AppData\Roaming\TomTom\HOME\Profiles\8iyol1o0.default - Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com - Carminat TomTom - %ProfilePath%\extensions\RenaultTheme@tomtom.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Undetermined - %AppDir%\extensions\belgiumeid@eid.belgium.be - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\nnehaohk.default 87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies F475DAA3CF6D19DA49BE7BAC0A966DB3 - C:\Windows\SysWoW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director F114FBA6246530B89DD1E04351E0EAC5 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll - Shockwave Flash CAF78E18A9E1380A0A38065B3B1210E0 - C:\Users\Dirk\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin 3CD19649B2C3023D65E67C056457A2BC - C:\Users\Dirk\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 1CDD28B47D8198F868349BDFBCD1281B - C:\Users\Dirk\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 11:45] Google Docs - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Skype Click to Call - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Wallet - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.com/ig/redirectdomain?brand=MDNE&bmod=MDNE", "startup_urls": [ "http://www.google.com/ig/redirectdomain?brand=MDNE&bmod=MDNE" ] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.hln.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.hln.be/" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 HKCU\SearchScopes "DefaultScope"="{EB00FFD9-2AA4-43FA-829E-EA5EFF0C4E39}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} HKCU\SearchScopes\{EB00FFD9-2AA4-43FA-829E-EA5EFF0C4E39} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNE_enDE393BE460 ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== HijackThis Entries ====================== O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [TrayServer] C:\Program Files (x86)\MAGIX\Video_deluxe_2008_PLUS\TrayServer.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-21-462824799-3137052604-784381099-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-462824799-3137052604-784381099-1001\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User 'UpdatusUser') O4 - HKUS\S-1-5-21-462824799-3137052604-784381099-1001\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler (User 'UpdatusUser') O4 - HKUS\S-1-5-21-462824799-3137052604-784381099-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: Dropbox.lnk = Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.dexia.be O15 - Trusted Zone: http://www.hln.be O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab O18 - Protocol: dssrequest - (no CLSID) - (no file) O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (file missing) O18 - Protocol: sacore - (no CLSID) - (no file) O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: UPnPService - Magix AG - C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Dirk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Dirk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Dirk 2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Dirk 2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\TEMP.Dirk-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Dirk\AppData\Local\Mozilla\Firefox\Profiles\nnehaohk.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1554 folders=183 211225492 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Dirk\AppData\Local\Temp will be emptied at reboot C:\Users\Dirk 2\AppData\Local\Temp emptied successfully C:\Users\Public\AppData\Local\Temp emptied successfully C:\Users\TEMP\AppData\Local\Temp emptied successfully C:\Users\TEMP.Dirk-PC\AppData\Local\Temp emptied successfully C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Dirk\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 08/12/2015 at 18:03:35,38 ======================