Zoek.exe v5.0.0.0 Updated 10-September-2014 Tool run by SEVERENS Kris on do 11/09/2014 at 15:43:37,85. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\SEVERENS Kris\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 11/09/2014 15:45:40 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~3\Oracle deleted successfully C:\Users\SEVERENS Kris\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Adobe Acrobat XI Pro Adobe AIR Adobe Flash Player 14 ActiveX AllShare Framework DMS Apple Application Support Apple Mobile Device Support Apple Software Update Avira Free Antivirus Belgium e-ID middleware 3.5.6 (build 6954) Bonjour CCleaner Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition DU Meter eReg GoodSync Google Chrome Google Drive Google Update Helper HP Deskjet 3070 B611 series Basic Device Software HP Deskjet 3070 B611 series Help iTunes Java 7 Update 67 Java Auto Updater Java SE Development Kit 8 Update 5 (64-bit) JCreator LE 2.00 Logitech SetPoint 6.61 Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Language Pack 2010 - Dutch/Nederlands Microsoft Office O MUI (Dutch) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft 
Office OneNote MUI (Dutch) 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (Dutch) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office SharePoint Designer MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Office X MUI (Dutch) 2010 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Nero Burning ROM 10 Nero BurnRights 10 Nero Control Center 10 Nero Core Components 10 Niko Home Control Program version 1.9.0 NVIDIA Control Panel 307.83 NVIDIA Graphics Driver 307.83 NVIDIA Install Application NVIDIA Update 1.10.8 NVIDIA Update Components OpenAL Platform QuickTime Samsung Link 2.0.0.1408131423 Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) 
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2878284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition Serviio Spotify Subtitle Workshop 2.51 Tag&Rename TreeSize Professional 5.3.1 Trikker V1.5.21 UltraEdit Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687567) 
32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition VLC media player Vuze Vuze Leap 1.0 WhatPulse version 2.4 Winamp Windows Driver Package - Fedict SmartCard (12/08/2009 4.0.0.3) WinPcap 4.1.3 WinRAR archiver ==== Running Processes ====================== C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\WhatPulse\whatpulse.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Users\SEVERENS Kris\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe C:\Program Files (x86)\DU Meter\DUMeter.exe C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Users\SEVERENS Kris\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\SEVERENS Kris\AppData\Local\CrashRpt deleted C:\Users\SEVERENS Kris\Downloads\Elcomsoft_Password_Recovery_Bundle_Forensic_2014.08.rar deleted ==== System Specs ====================== Windows: Windows 7 Ultimate Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 8175 MB CPU Info: AMD 
FX(tm)-4300 Quad-Core Processor CPU Speed: 3816,7 MHz Sound Card: Speakers (VIA High Definition A | SPDIF Interface (TX1) (VIA High | HD Audio HDMI out (VIA High Def | Display Adapters: NVIDIA GeForce 6600 GT | NVIDIA GeForce 6600 GT | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 2x; F-419 DVI | Generic PnP Monitor | Screen Resolution: 1280 X 1024 - 32 bit Network: Network Present Network Adapters: Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (G: | ) G: TSSTcorpCDDVDW SH-224DB Ports: COM1 LPT1 Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 298,0GB | D: 931,5GB | E: 931,5GB | F: 931,5GB | H: 232,9GB | I: 931,5GB Hard Disks - Free: C: 245,3GB | D: 439,5GB | E: 286,5GB | F: 667,0GB | H: 232,5GB | I: 407,5GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 11/12/13 | ACRSYS - 20131112 Time Zone: Romance Standard Time Motherboard *: ASUSTeK Computer INC. M5A78L-M/USB3 Country: België Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Avira Desktop On-access scanning disabled (Outdated) Anti-Spyware: Avira Desktop disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Internet Explorer Version: 11.0.9600.17280 Google Chrome version: 37.0.2062.103 Sun Java version: 1.7.0_67 (32-bit) ==== Files Recently Created / Modified ======================
==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2778705989-895750367-592444598-1000\Software\Microsoft\Windows\CurrentVersion\Run] "WhatPulse"="C:\Program Files (x86)\WhatPulse\whatpulse.exe" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "Spotify Web Helper"="C:\Users\SEVERENS Kris\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [HKEY_USERS\S-1-5-21-2778705989-895750367-592444598-1004\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-2778705989-895750367-592444598-1004\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HDAudDeck"="C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" "DU Meter"="C:\Program Files (x86)\DU Meter\DUMeter.exe" "beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "WhatPulse"="C:\Program Files (x86)\WhatPulse\whatpulse.exe" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "Spotify Web Helper"="C:\Users\SEVERENS Kris\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" ==== Startup Registry Enabled x64 ====================== 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming" ==== Startup Folders ====================== 2014-06-25 18:53:58 1950 ----a-w- C:\Users\SEVERENS Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - .lnk 2014-05-24 14:20:24 1299 ----a-w- C:\Users\SEVERENS Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk 2014-08-06 12:45:31 1850 ----a-w- C:\Users\SEVERENS Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Serviio.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24/05/2014 16:03] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24/05/2014 16:03] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[21/12/2013 08:04] Google 
Docs - SEVERENS Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - SEVERENS Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - SEVERENS Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - SEVERENS Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Logitech Smooth Scrolling - SEVERENS Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk Adobe Acrobat - Create PDF - SEVERENS Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj NTR - SEVERENS Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna Google Wallet - SEVERENS Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - SEVERENS Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\SEVERENS Kris\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.be/", "startup_urls": [ "http://www.google.be/" ], ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{F1FEC098-CBD4-4775-8436-3A40DC6CC283}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found" {F1FEC098-CBD4-4775-8436-3A40DC6CC283} Google Url="https://www.google.com/search?q={searchTerms}" ==== Deleting 
CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2778705989-895750367-592444598-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [DU Meter] C:\Program Files 
(x86)\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup
O4 - HKCU\..\Run: [WhatPulse] "C:\Program Files (x86)\WhatPulse\whatpulse.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\SEVERENS Kris\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2778705989-895750367-592444598-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2778705989-895750367-592444598-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Monitor Ink Alerts - .lnk = ?
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Startup: Serviio.lnk = C:\Program Files\Serviio\bin\ServiioConsole.exe
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com//activex/ractrl.cab?lmi=1081
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
O23 - Service: Serviio - Unknown owner - C:\Program Files\Serviio\bin\ServiioService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\SEVERENS Kris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\SEVERENS Kris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\SEVERENS Kris\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2 folders=3 726952082 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\SEVERENS Kris\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\SEVERE~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on do 11/09/2014 at 16:11:34,00 ======================