Zoek.exe v5.0.0.0 Updated 13-01-2015
Tool run by JAN on wo 14-01-2015 at 10:47:28,07.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\JAN\Downloads\zoek\zoek.exe.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================
14-1-2015 10:48:37 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Program Files\Google deleted successfully
C:\Users\JAN\AppData\Local\CrashDumps deleted successfully
C:\Users\JAN\AppData\Local\CutePDF Writer deleted successfully
C:\Users\JAN\AppData\Local\Cyberlink deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3342408277-2975736436-1913736375-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================
C:\Program Files (x86)\PC Veilig\fshoster32.exe
C:\Program Files (x86)\PC Veilig\apps\CCF_Reputation\fsorsp.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\OEM\USBDECTION\USBS3S4Detection.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\PC Veilig\apps\ComputerSecurity\Common\FSM32.EXE
C:\Program Files (x86)\PC Veilig\fshoster32.exe
C:\Program Files (x86)\PC Veilig\apps\ComputerSecurity\Common\FSMA32.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Users\JAN\Downloads\zoek\zoek.exe.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\PC Veilig\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
C:\Program Files (x86)\PC Veilig\apps\ComputerSecurity\Common\fswscs.exe

==== Deleting Services ======================

==== Deleting Files \ Folders ======================
C:\PROGRA~3\OberonGameConsole deleted
C:\Windows\tasks\RegClean Pro_DEFAULT.job deleted
C:\Windows\tasks\RegClean Pro_UPDATES.job deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted

==== System Specs ======================
Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 8175 MB
CPU Info: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
CPU Speed: 3389,4 MHz
Sound Card: Luidsprekers (Realtek High Defi |
Display Adapters: NVIDIA GeForce GTX 550 Ti | NVIDIA GeForce GTX 550 Ti | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen niet-PnP-beeldscherm |
Screen Resolution: 1024 X 768 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe GBE Family Controller | 802.11n Wireless LAN Card
CD / DVD Drives: 1x (E: | ) E: ATAPI DVD A DH16ABSH
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C: 71,1GB | D: 931,5GB
Hard Disks - Free: C: 29,4GB | D: 929,1GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 04/19/11 | ACRSYS - 1072009
Time Zone: West-Europa (standaardtijd)
Motherboard *: Acer Predator G3610
Country: Nederland
Language: NLD

==== System Specs (Software) ======================
Anti-Virus: Computer Beveiliging On-access scanning disabled (Outdated)
Anti-Spyware: Computer Beveiliging disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Internet Explorer Version: 11.0.9600.17358
Adobe Reader version: 9.5.5.316

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\JAN\AppData\Local\Temp ====
2015-01-13 14:19:46 EDDAD4BC2B7E8C423DEB9F2711FE653B 208304 -c--a-w- C:\Users\JAN\AppData\Local\Temp\{705517CF-F785-4CFA-8E6E-E538DDDFC4F0}\{61df2893-0069-4e50-a02e-3a41a97cb1b4}\isrt.dll
2015-01-13 14:19:46 E54601D8A464A455DE081D63D4B7927D 123312 -c--a-w- C:\Users\JAN\AppData\Local\Temp\{705517CF-F785-4CFA-8E6E-E538DDDFC4F0}\{61df2893-0069-4e50-a02e-3a41a97cb1b4}\_IsRes.dll
2015-01-13 14:19:46 DCB85AC1C2214F8865C0814C8C445B31 10672 -c--a-w- C:\Users\JAN\AppData\Local\Temp\{705517CF-F785-4CFA-8E6E-E538DDDFC4F0}\dotnetinstaller.exe
2015-01-13 14:19:46 1D461686B0E32F2DECB587C895A05402 120240 -c--a-w- C:\Users\JAN\AppData\Local\Temp\{705517CF-F785-4CFA-8E6E-E538DDDFC4F0}\ISBEW64.exe
2015-01-13 14:19:45 30EBD4E80B1DDA05EAC709A1DC5965B4 164784 -c--a-w- C:\Users\JAN\AppData\Local\Temp\{BFD13BF9-338B-4612-865F-65ECE34375E0}\_Setup.dll
2015-01-13 14:19:44 E0347CFB68DA6E23F52FE39A198D7B12 492164 -c--a-w- C:\Users\JAN\AppData\Local\Temp\{BFD13BF9-338B-4612-865F-65ECE34375E0}\ISSetup.dll
2015-01-13 14:19:44 A205551E7BA8580D2C0FF896A4D79FA9 460248 -c--a-w- C:\Users\JAN\AppData\Local\Temp\_isC6A8.exe
2015-01-13 14:16:02 083E81170B24536A1F0F3B36015C6E21 984160 -c--a-w- C:\Users\JAN\AppData\Local\Temp\{6C008A76-80E7-4E46-953C-B3CF2624EDB4}\setup.exe
2015-01-13 14:16:02 0513B42B22E9A07B314A340034857E0F 4618417 -c--a-w- C:\Users\JAN\AppData\Local\Temp\{6C008A76-80E7-4E46-953C-B3CF2624EDB4}\ISSetup.dll
2015-01-13 13:46:19 FBAB280D0CAC5E21C72F0A1A7B5B9608 455600 -c--a-w- C:\Users\JAN\AppData\Local\Temp\_isD25B.exe
2015-01-12 20:51:51 4DAE3266AB0BDB38766836008BF2C408 489472 -c--a-w- C:\Users\JAN\AppData\Local\Temp\SDIAG_7105b777-49bb-4f91-9aca-751bac2ed68d\DiagPackage.dll
2015-01-12 18:57:37 4DAE3266AB0BDB38766836008BF2C408 489472 -c--a-w- C:\Users\JAN\AppData\Local\Temp\SDIAG_c1d1c936-2ef3-494a-9c8d-334880556a2c\DiagPackage.dll
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-01-13 16:53:15 -------- dc----w- C:\Program Files\trend micro
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\JAN\AppData\Roaming ======
====== C:\Users\JAN ======

====== C: exe-files ==
2015-01-13 14:19:46 DCB85AC1C2214F8865C0814C8C445B31 10672 -c--a-w- C:\Users\JAN\AppData\Local\Temp\{705517CF-F785-4CFA-8E6E-E538DDDFC4F0}\dotnetinstaller.exe
2015-01-13 14:19:46 1D461686B0E32F2DECB587C895A05402 120240 -c--a-w- C:\Users\JAN\AppData\Local\Temp\{705517CF-F785-4CFA-8E6E-E538DDDFC4F0}\ISBEW64.exe
2015-01-13 14:19:44 A205551E7BA8580D2C0FF896A4D79FA9 460248 -c--a-w- C:\Users\JAN\AppData\Local\Temp\_isC6A8.exe
2015-01-13 14:16:02 083E81170B24536A1F0F3B36015C6E21 984160 -c--a-w- C:\Users\JAN\AppData\Local\Temp\{6C008A76-80E7-4E46-953C-B3CF2624EDB4}\setup.exe
2015-01-13 14:15:27 3965100C898640D4C36C40EA1D9ED9E8 1236008 -c--a-w- C:\ProgramData\f-secure\FSAUA\guts.sp.f-secure.com\content\fsav_1000_bin\1416293567\fssm32.exe
2015-01-13 14:15:27 3762A2CACCCADCDAD5B0808160ED7844 687656 -c--a-w- C:\ProgramData\f-secure\FSAUA\guts.sp.f-secure.com\content\fsav_1000_bin\1416293567\fsgk32.exe
2015-01-13 14:15:27 07E3EECF2D8DE80069425AFA4252E270 573992 -c--a-w- C:\ProgramData\f-secure\FSAUA\guts.sp.f-secure.com\content\fsav_1000_bin\1416293567\upd_fsav32.exe
2015-01-13 13:46:19 FBAB280D0CAC5E21C72F0A1A7B5B9608 455600 -c--a-w- C:\Users\JAN\AppData\Local\Temp\_isD25B.exe

=== C: other files ==
2015-01-13 14:18:05 CCC8DF6F3ABD9F827768234EED11FDD8 311079 -c--a-w- C:\Windows\Temp\fsaua.tmp\guts.sp.f-secure.com_80_295260973_infopak.zip
2015-01-13 14:15:38 F59F2C574AA5D84477EB89F87C938F16 56016 -c--a-w- C:\ProgramData\f-secure\FSAUA\guts.sp.f-secure.com\content\mlcwin\1409145813\fsbts_x64.sys
2015-01-13 14:15:38 18DA737DD5122A475DA4948ED4643675 44240 -c--a-w- C:\ProgramData\f-secure\FSAUA\guts.sp.f-secure.com\content\mlcwin\1409145813\fsbts.sys
2015-01-13 14:15:27 8FEB62E2C1D6567A716B3B120538BCB5 207400 -c--a-w- C:\ProgramData\f-secure\FSAUA\guts.sp.f-secure.com\content\fsav_1000_bin\1416293567\upd_fsgk_x64.sys
2015-01-13 14:15:27 3C79ADD6CD5CDACC0BB92ACBCCB429C6 74920 -c--a-w- C:\ProgramData\f-secure\FSAUA\guts.sp.f-secure.com\content\fsav_1000_bin\1416293567\upd_fshs32.sys
2015-01-13 14:15:27 3796C0BCF30212488C24BCFB40349C6D 149544 -c--a-w- C:\ProgramData\f-secure\FSAUA\guts.sp.f-secure.com\content\fsav_1000_bin\1416293567\upd_fsgk.sys
2015-01-13 14:15:27 2B3714CB78B4561A205805E770D9B7F9 71112 -c--a-w- C:\ProgramData\f-secure\FSAUA\guts.sp.f-secure.com\content\fsav_1000_bin\1416293567\upd_fshs64.sys

==== Startup Registry Enabled ======================
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Arvo"="C:\Program Files (x86)\ROCCAT\Arvo Keyboard\ArvoHID.EXE"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"Arvo"="C:\Program Files (x86)\ROCCAT\Arvo Keyboard\ArvoHID.EXE"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"F-Secure Manager"="C:\Program Files (x86)\PC Veilig\apps\ComputerSecurity\Common\FSM32.EXE /splash"
"F-Secure Hoster (4582601)"="C:\Program Files (x86)\PC Veilig\fshoster32.exe -app -hosterid:1"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

==== Startup Registry Disabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CCleaner Monitoring"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR"

==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

==== Chromium Look ======================
Ask Toolbar - JAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaappmhgaaggeoepicjahnbofmjacog
Google Docs - JAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - JAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - JAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - JAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Norton Identity Protection - JAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Gmail - JAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================
C:\Users\JAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaappmhgaaggeoepicjahnbofmjacog deleted successfully
C:\Users\JAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaaappmhgaaggeoepicjahnbofmjacog_0.localstorage deleted successfully

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.snsbank.nl/mijnsns/secure/login.html"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.snsbank.nl/mijnsns/secure/login.html"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== HijackThis Entries ======================
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\PC Veilig\apps\ComputerSecurity\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure Hoster (4582601)] "C:\Program Files (x86)\PC Veilig\fshoster32.exe" -app -hosterid:1
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Arvo] "C:\Program Files (x86)\ROCCAT\Arvo Keyboard\ArvoHID.EXE" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Arvo] "C:\Program Files (x86)\ROCCAT\Arvo Keyboard\ArvoHID.EXE" (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\fshoster32.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\apps\ComputerSecurity\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\PC Veilig\apps\CCF_Reputation\fsorsp.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\JAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\JAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\JAN\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================
C:\Users\JAN\AppData\Local\Mozilla\Firefox\Profiles\nb6uceep.default\cache2 emptied successfully

==== Empty Chrome Cache ======================
C:\Users\JAN\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
No Java Cache Found

==== C:\zoek_backup content ======================
C:\zoek_backup (files=99 folders=21 624335 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\JAN\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\JAN\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on wo 14-01-2015 at 11:12:56,98 ======================