Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Beekaert Andre on di 07/06/2016 at 14:51:52,31. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: L:\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 7/06/2016 14:53:17 Zoek.exe System Restore Point Created Successfully. ==== Reset Hosts File ====================== # Copyright (c) 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handled within DNS itself. 127.0.0.1 localhost ::1 localhost ==== Empty Folders Check ====================== C:\PROGRA~3\IncrediMail deleted successfully C:\Users\Beekaert Andre\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\Beekaert Andre\AppData\Local\EmieSiteList deleted successfully C:\Users\Beekaert Andre\AppData\Local\EmieUserList deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1225927498-1920941668-2367495595-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F8660453-977F-4388-8010-EB0C1936B08A} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-1225927498-1920941668-2367495595-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully ==== Installed Programs ====================== 7-Zip 9.22 (x64 edition) 9-lab Removal Tool Adobe Flash Player 21 ActiveX Adobe Reader XI (11.0.16) - Nederlands Adobe Refresh Manager Any Video Converter 5.0.9 ArcSoft PhotoStudio 6 Ashampoo Burning Studio 2010 Ashampoo Music Studio 2012 v.1.0.0 Ashampoo WinOptimizer 2016 Audacity 2.1.2 AVG AVG 2016 AVG Protection BufferChm CCleaner Compatibiliteitspakket voor het 2007 Microsoft Office system CyberLink LabelPrint CyberLink Power2Go CyberLink PowerDVD Copy CyberLink PowerRecover CyberLink WaveEditor CyberLink YouCam 5 D3DX10 Defraggler Destinations DocProc Dolby Advanced Audio v2 Dropbox DVD Shrink 3.2 Eusing Free Registry Cleaner Exact Audio Copy 1.0beta3 FileZilla Client 3.10.3 FMW 1 FormatFactory 3.8.0.0 Fotogalerija Windows Live Free PDF to Word Doc Converter v1.1 Free Word To PDF Galeria de Fotografias do Windows Live Galerˇa fotogr fica de Windows Live Galeria fotografii uslugi Windows Live Galerie de photos Windows Live HP Imaging Device Functions 14.5 hp print screen utility HP Scanjet 300 hpgsj300 Image Resizer for Windows Image Resizer for Windows (64 bit) ImgBurn Intel(R) Management Engine Components Intel(R) OpenCL CPU Runtime Intel(R) Processor Graphics Intel(R) USB 3.0 eXtensible Host Controller Driver Intel© Trusted Connect Service Client Java 8 Update 91 Java Auto Updater Junk Mail filter update K-Lite Codec Pack 6.0.4 (Basic) KompoZer 0.8b3 LAME v3.99.3 (for Windows) Malwarebytes Anti-Malware versie 2.2.1.1043 Medion Home Cinema Mesh Runtime Microsoft .NET Framework 4.5.2 (Nederlands) Microsoft .NET Framework 4.5.2 (NLD) Microsoft .NET Framework 4.6.1 Microsoft Office File Validation Add-In Microsoft Office Professional Editie 2003 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Works Microsoft_VC100_CRT_x86 Mp3tag v2.75 MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Native Instruments Traktor Beatport Player Nero 7 Essentials Nitro Reader 3 OCR Software by I.R.I.S. 14.5 OpenOffice 4.1.1 PHotkey Photo Notifier and Animation Creator PhotoFiltre 7 Picasa 3 PlayReady PC Runtime amd64 Poczta uslugi Windows Live Podstawowe programy Windows Live Posta Windows Live PowerDraw V30 PrivaZer Raccolta foto di Windows Live Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Recuva Remove Empty Directories version 2.2 (Admin Editon) Revo Uninstaller 1.95 S?????? f?t???af??? t?? Windows Live Samsung Kies3 SAMSUNG USB Driver for Mobile Phones Scan Similarity 64-bit 1.9.2 Skype Click to Call SkypeT 7.8 Spybot - Search & Destroy SubMagic V0.71 Subtitle Workshop 2.51 SUPERAntiSpyware Synaptics Pointing Device Driver TeraCopy 2.27 TomTom HOME TomTom HOME Visual Studio Merge Modules VirtualDJ LE (JBS DJKontrol1) Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables VLC media player Windows Driver Package - Intel (NETwNs64) net (11/29/2011 15.0.0.75) Windows Live Communications Platform Windows Live Essentials Windows Live Fotogalerie Windows Live Fotograf Galerisi Windows Live Fot˘t r Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Temel Par‡alar Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Mobile Device Updater Component YouTube Song Downloader Youtube to MP3 v. 1.7 ZoneAlarm Firewall ZoneAlarm Free Firewall ZoneAlarm Security Zune Zune Language Pack (CHS) Zune Language Pack (CHT) Zune Language Pack (CSY) Zune Language Pack (DAN) Zune Language Pack (DEU) Zune Language Pack (ELL) Zune Language Pack (ESP) Zune Language Pack (FIN) Zune Language Pack (FRA) Zune Language Pack (HUN) Zune Language Pack (IND) Zune Language Pack (ITA) Zune Language Pack (JPN) Zune Language Pack (KOR) Zune Language Pack (MSL) Zune Language Pack (NLD) Zune Language Pack (NOR) Zune Language Pack (PLK) Zune Language Pack (PTB) Zune Language Pack (PTG) Zune Language Pack (RUS) Zune Language Pack (SVE) ==== Running Processes ====================== C:\Program Files (x86)\PHotkey\ASLDRSrv.exe C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe C:\Users\Beekaert Andre\AppData\Local\Dropbox\Update\DropboxUpdate.exe C:\Program Files (x86)\PHotkey\PHotkey.exe C:\Program Files (x86)\PHotkey\MsgTranAgt.exe C:\Users\Beekaert Andre\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\PHotkey\HCSynApi.exe C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\AVG\Framework\Common\avguix.exe C:\Program Files (x86)\PHotkey\POSD.exe C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Windows\SysWOW64\WerFault.exe L:\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\Beekaert Andre\AppData\Roaming\ParetoLogic deleted C:\Users\Beekaert Andre\AppData\Roaming\DriverCure deleted C:\PROGRA~3\Avg_Update_0414b deleted C:\PROGRA~3\Partner deleted C:\PROGRA~3\Package Cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\GPT.INI deleted C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted C:\Windows\SysWow64\AI_RecycleBin deleted "C:\Users\Beekaert Andre\AppData\Roaming\EAC\CDDB.sdf" deleted "C:\Users\Beekaert Andre\AppData\Roaming\EAC" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 6039 MB CPU Info: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz CPU Speed: 2308,3 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | Display Adapters: Intel(R) HD Graphics 3000 | Intel(R) HD Graphics 3000 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Realtek PCIe GBE Family Controller | Intel(R) Centrino(R) Wireless-N 2230 CD / DVD Drives: 2x (E: | F: | ) E: TSSTcorpCDDVDW SN-208BB | F: Optiarc DVD RW AD-7200A Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 150,5GB | D: 315,2GB Hard Disks - Free: C: 89,0GB | D: 249,2GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 04/03/12 | MEDION - 1 Time Zone: Romance (standaardtijd) Motherboard *: Medion E6227 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== AV: AVG AntiVirus Free Edition *Enabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} SP: AVG AntiVirus Free Edition *Enabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE} FW: ZoneAlarm Free Firewall Firewall *Enabled* {1B8D532F-88B1-B2AD-ED22-AED92687A1D2} Internet Explorer Version: 11.0.9600.18230 Adobe Reader version: 11.0.16.13 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\BEEKAE~1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2016-05-31 14:21:20 EF41A56E3BA44A1803471F45D922E23F 17936 ----a-w- C:\Windows\Sysnative\nitrolocalui2.dll 2016-05-31 14:21:20 A9A47A5E20DE96CA2F6C580A56D9B8A8 29712 ----a-w- C:\Windows\Sysnative\nitrolocalmon2.dll ====== C:\Windows\Sysnative\drivers ===== 2016-05-18 10:13:36 40A057A0EE883F700968B658356E1A6F 307456 ----a-w- C:\Windows\Sysnative\drivers\avgidsdrivera.sys 2016-05-17 08:50:56 264C4F3FDE0C1F4105599EEDD8430BDF 279296 ----a-w- C:\Windows\Sysnative\drivers\avgtdia.sys ====== C:\Windows\Tasks ====== 2016-06-01 10:36:43 B63AD96D5AB77552EFDB7D2277C3B0CB 3886 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Acrobat Update Task 2016-05-09 11:17:18 455A0476D03B2DA2CA0131B39FC8694B 3862 ----a-w- C:\Windows\Sysnative\Tasks\Opera scheduled Autoupdate 1462792634 ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2016-05-31 14:21:16 -------- d-----w- C:\Program Files\Common Files\Nitro ======= C:\PROGRA~2 ===== 2016-06-01 06:34:25 -------- d-----w- C:\PROGRA~2\COMMON~1\Adobe 2016-06-01 06:34:25 -------- d-----w- C:\PROGRA~2\Adobe 2016-05-31 14:21:15 -------- d-----w- C:\PROGRA~2\Nitro 2016-05-31 14:21:15 -------- d-----w- C:\PROGRA~2\COMMON~1\Nitro 2016-05-31 12:49:45 -------- d-----w- C:\PROGRA~2\Free PDF to Word Doc Converter 2016-05-30 22:15:44 -------- d-----w- C:\PROGRA~2\Audacity 2016-05-09 11:16:53 -------- d-----w- C:\PROGRA~2\Opera ======= C: ===== ====== C:\Users\Beekaert Andre\AppData\Roaming ====== 2016-06-07 10:20:50 -------- d-----w- C:\Users\Beekaert Andre\AppData\Roaming\Mozilla 2016-06-07 10:20:37 -------- d-----w- C:\Users\Beekaert Andre\AppData\Roaming\Thunderbird 2016-06-07 10:20:37 -------- d-----w- C:\Users\Beekaert Andre\AppData\Local\Thunderbird 2016-06-04 14:33:40 -------- d-----w- C:\Users\Beekaert Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-05-31 14:23:31 -------- d-----w- C:\Users\Beekaert Andre\AppData\Roaming\Nitro PDF 2016-05-31 13:49:55 -------- d-----w- C:\Users\Beekaert Andre\AppData\Roaming\YcanPDF 2016-05-31 13:23:20 C5668CB64FA5C97C6E84EEB537B5FF3B 2424 ----a-w- C:\Windows\SysNative\config\systemprofile\AppData\Local\prvlcl.dat 2016-05-30 23:02:37 -------- d-----w- C:\Users\Beekaert Andre\AppData\Roaming\Nitro 2016-05-30 23:02:37 -------- d-----w- C:\Users\Beekaert Andre\AppData\Roaming\FileOpen 2016-05-30 23:01:06 -------- d-----w- C:\Users\Beekaert Andre\AppData\Roaming\Downloaded Installations 2016-05-20 14:25:20 -------- d-----w- C:\Users\Beekaert Andre\AppData\Roaming\ImgBurn 2016-05-09 11:17:23 -------- d-----w- C:\Users\Beekaert Andre\AppData\Roaming\Opera Software ====== C:\Users\Beekaert Andre ====== 2016-06-07 10:17:10 198C8811AE1CF62E6347F7CCC8CB0DFC 35479696 ----a-w- C:\Users\Beekaert Andre\Downloads\Thunderbird Setup 45.1.1.exe 2016-06-06 22:31:04 -------- d-----r- C:\Users\Beekaert Andre\Videos 2016-05-31 14:21:15 -------- d-----w- C:\ProgramData\Nitro 2016-05-31 12:49:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF to Word Doc Converter ====== C: exe-files == 2016-06-07 10:17:10 198C8811AE1CF62E6347F7CCC8CB0DFC 35479696 ----a-w- C:\Users\Beekaert Andre\Downloads\Thunderbird Setup 45.1.1.exe 2016-06-04 14:33:35 D021C350B1CBF88611BA1408B4FABC8F 23972712 ----a-w- C:\Users\Beekaert Andre\AppData\Roaming\Dropbox\bin\Dropbox.exe 2016-06-04 14:33:35 ABBB594150A15307A77971E20EB259D4 173288 ----a-w- C:\Users\Beekaert Andre\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe 2016-06-04 14:33:35 4DF47A51098D041671C8161C73048362 29480 ----a-w- C:\Users\Beekaert Andre\AppData\Roaming\Dropbox\bin\driver_x86\dbxsvc.exe 2016-06-04 14:33:34 157E1EF0B34406668C86C88F84BB8ACB 29992 ----a-w- C:\Users\Beekaert Andre\AppData\Roaming\Dropbox\bin\driver_amd64\dbxsvc.exe 2016-06-04 14:32:30 D35A64DDA2CD6636185C59CF64F2A2B0 69019472 ----a-w- C:\Users\Beekaert Andre\AppData\Local\Dropbox\Update\Download\{CC46080E-4C33-4981-859A-BBA2F780F31E}\4.4.29\DropboxClient_4.4.29.exe 2016-06-02 18:48:46 3F6E2D6EBDD1923FE7BEEFB735B0CAC6 6095328 ----a-w- C:\ProgramData\AVG\Setup\av\avgmfapx.exe 2016-06-02 18:48:46 2E4F6CDFD78BE347F128788CCE1A23B9 78608 ----a-w- C:\ProgramData\AVG\Setup\av\avguirux.exe 2016-06-01 10:25:57 31657ADA786863B73FAC28E5BD0753AD 382168 ----a-w- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\ReaderUpdater.exe 2016-06-01 10:25:57 31657ADA786863B73FAC28E5BD0753AD 382168 ----a-w- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AcrobatUpdater.exe 2016-05-31 14:40:13 4CA250EDC5E5B6CCC479257ABAC1A317 1793296 ----a-w- C:\Program Files (x86)\AVG\Setup\avgsetupwrkx.exe 2016-05-31 14:40:12 9E2364C1BBCB121FEBA12AACDF7B00C8 704272 ----a-w- C:\Program Files (x86)\AVG\Setup\avgntdumpx.exe 2016-05-31 14:40:12 68001CFD239236EBF814BDD37F95419D 3302672 ----a-w- C:\Program Files (x86)\AVG\Setup\avgsetupx.exe === C: other files == 2016-06-04 14:33:34 CD0B329D17316316E236BC16F5CF09D3 51824 ----a-w- C:\Users\Beekaert Andre\AppData\Roaming\Dropbox\bin\driver_x86\dbx-stable.sys 2016-06-04 14:33:34 602534C6AF65E07ACD260AFA55D89D0F 52848 ----a-w- C:\Users\Beekaert Andre\AppData\Roaming\Dropbox\bin\driver_x86\dbx-dev.sys 2016-06-04 14:33:34 602534C6AF65E07ACD260AFA55D89D0F 52848 ----a-w- C:\Users\Beekaert Andre\AppData\Roaming\Dropbox\bin\driver_x86\dbx-canary.sys 2016-06-04 14:33:34 5A83DA46A3C55A0756230C8A02CA8696 63088 ----a-w- C:\Users\Beekaert Andre\AppData\Roaming\Dropbox\bin\driver_amd64\dbx-dev.sys 2016-06-04 14:33:34 5A83DA46A3C55A0756230C8A02CA8696 63088 ----a-w- C:\Users\Beekaert Andre\AppData\Roaming\Dropbox\bin\driver_amd64\dbx-canary.sys 2016-06-04 14:33:34 584EC6F441240F575753BCF270891059 61552 ----a-w- C:\Users\Beekaert Andre\AppData\Roaming\Dropbox\bin\driver_amd64\dbx-stable.sys ==== Orphaned Tasks deleted from Registry ====================== LaunchApp deleted ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1225927498-1920941668-2367495595-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "SpybotPostWindows10UpgradeReInstall"="C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" "Dropbox Update"="C:\Users\Beekaert Andre\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c" "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Dolby Advanced Audio v2"="C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe -autostart" "USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" "CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" "AVG_UI"="C:\Program Files (x86)\AVG\Av\avuirunnerx.exe C:\Program Files (x86)\AVG\Av\avgui.exe" "AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe /lps=fmw" "ZoneAlarm"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "ArcSoft Connection Service"="C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "SpybotPostWindows10UpgradeReInstall"="C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" "Dropbox Update"="C:\Users\Beekaert Andre\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c" "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Startup Registry Disabled ====================== [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "SUPERAntiSpyware"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe" "CCleaner Monitoring"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dropbox Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Dropbox Update" "hkey"="HKCU" "command"="\"C:\\Users\\Beekaert Andre\\AppData\\Local\\Dropbox\\Update\\DropboxUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SDTray] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SDTray" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Zune Launcher] "command"="\"C:\\Program Files\\Zune\\ZuneLauncher.exe\"" "hkey"="HKLM" "item"="Zune Launcher" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" ==== Startup Folders ====================== 2015-04-04 19:20:00 1170 ----a-w- C:\Users\Beekaert Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [13/05/2016 10:59] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\Opera scheduled Autoupdate 1462792634" [C:\Program Files (x86)\Opera\launcher.exe] "C:\Windows\SysNative\tasks\PrivaZer_SkipUAC" [C:\Program Files (x86)\PrivaZer\PrivaZer.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\YCMServiceAgent" [C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe] "C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"] "C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe"] "C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe"] ==== Firefox Extensions ====================== ProfilePath: C:\Users\BEEKAE~1\AppData\Roaming\kompozer.net\KompoZer\Profiles\ryafzacr.default - Undetermined - %ProfilePath%\extensions\installed-extensions.txt - KompoZer classic - %ProfilePath%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ProfilePath: C:\Users\BEEKAE~1\AppData\Roaming\Thunderbird\Profiles\1wf8behm.default - Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} ProfilePath: C:\Users\BEEKAE~1\AppData\Roaming\TomTom\HOME\Profiles\subr4v5m.default - Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.9.510.1234792@tomtom.com ==== Firefox Plugins ====================== ==== Chromium Look ====================== ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 HKLM\Wow6432Node\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 HKCU\SearchScopes\{31A88BD7-3932-4846-9AEC-5CE9F06742E3} - https://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O1 - Hosts: ::1 localhost O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Beekaert Andre\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = Beekaert Andre\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) (HKCU) O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) (HKCU) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: ArcSoft Exchange Service (ADExchange) - ArcSoft, Inc. - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files (x86)\PHotkey\ASLDRSrv.exe O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagenta.exe O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvca.exe O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2016\DfsdkS64.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\PHotkey\GFNEXSrv.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Beekaert Andre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Beekaert Andre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HVORV6KQ will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== No Chrome Cache found ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=20 folders=31 3710092 bytes) ==== Empty Temp Folders ====================== C:\Users\Beekaert Andre\AppData\Local\Temp will be emptied at reboot C:\Windows\sysWoW64\config\systemprofile\AppData\Local\temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\BEEKAE~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Beekaert Andre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HVORV6KQ" deleted "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on di 07/06/2016 at 15:29:28,02 ======================