Zoek.exe v5.0.0.0 Updated 29-March-2015 Tool run by John on di 31-03-2015 at 15:18:28,65. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\John\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 31-3-2015 15:19:31 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\WinZipper deleted successfully C:\Users\John\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE C:\Users\John\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\WinZipper not found C:\Program Files (x86)\WinZipper not found C:\ProgramData\IHProtectUpDate deleted C:\Program Files (x86)\XTab deleted C:\Users\John\AppData\Roaming\sweet-page deleted C:\ProgramData\WindowsMangerProtect deleted C:\ProgramData\IePluginServices deleted C:\PROGRA~3\WindowsProtectManger deleted C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx deleted C:\Users\John\Downloads\avg_free_stb_all_2014_4116_cnet.exe deleted C:\Users\John\Downloads\SoftonicDownloader_voor_vlc-media-player.exe deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted C:\Windows\Syswow64\SearchProtect deleted ==== System Specs ====================== Windows: Windows 7 Ultimate Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 2047 MB CPU Info: Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz CPU Speed: 2469,7 MHz Sound Card: Speakers (High Definition Audio | Digital Audio (S/PDIF) (High De | Display Adapters: Radeon X1650 Series (Microsoft Corporation - WDDM) | Radeon X1650 Series (Microsoft Corporation - WDDM) | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1440 X 900 - 32 bit Network: Network Present Network Adapters: HP 802.11b/g Wireless Network Adapter | Intel(R) PRO/100 VE Network Connection CD / DVD Drives: 2x (D: | E: | ) D: HL-DT-STDVDRRW GSA-H30L | E: ASUS DVD-E616A3T Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 465,7GB Hard Disks - Free: C: 395,2GB Manufacturer *: Phoenix Technologies, LTD BIOS Info: AT/AT COMPATIBLE | 05/08/07 | HPQOEM - 42302e31 Time Zone: W. Europe Standard Time Motherboard *: ASUSTek Computer INC. LEONITE Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated) Anti-Spyware: Microsoft Security Essentials disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Google Chrome 41.0.2272.101 Internet Explorer Version: 11.0.9600.17691 Google Chrome version: 41.0.2272.101 Adobe Reader version: 11.0.10.32 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2015-03-29 13:59:25 2A66E81AE941E54A237490FC35D387C8 1945 ----a-w- C:\Windows\epplauncher.mif ====== C:\Users\John\AppData\Local\Temp ==== 2015-03-29 13:55:58 CF95932C00190451115C782E139DE582 264488 ----a-w- C:\Users\John\AppData\Local\Temp\MSS\3.8.150.1\McInstallerRes.dll 2015-03-29 13:55:58 C4CF03B998D4D758B89CD07F22D7A7F9 645168 ----a-w- C:\Users\John\AppData\Local\Temp\MSS\3.8.150.1\McUICnt.exe 2015-03-29 13:55:58 87AA773F15D90973090D4DF76F8E60EF 565808 ----a-w- C:\Users\John\AppData\Local\Temp\MSS\3.8.150.1\mcbrwsr2.dll 2015-03-29 13:55:58 2AA753368BF68871962D2E99B8692985 153760 ----a-w- C:\Users\John\AppData\Local\Temp\MSS\3.8.150.1\McInstallerRes_LD.dll 2015-03-29 13:55:58 14E9947D26B0A418AA02F87741E4B40B 769736 ----a-w- C:\Users\John\AppData\Local\Temp\MSS\3.8.150.1\McInstallerStartup.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-03-29 13:48:03 CD32CA6B8DE83D20E7A729905928E78E 70236 ----a-w- C:\Windows\Sysnative\.crusader 2015-03-25 06:25:10 EBDBE8037B0BE75B05CBC5DEEE49BA90 677888 ----a-w- C:\Windows\Sysnative\generaltel.dll 2015-03-25 06:25:10 E82D241A892C15FB42AB0A3D83C01ACA 414720 ----a-w- C:\Windows\Sysnative\devinv.dll 2015-03-25 06:25:10 B3B9C29F90A10216F13113757BCACAD8 1107456 ----a-w- C:\Windows\Sysnative\aeinv.dll 2015-03-25 06:25:10 82009026471290E8A512D1FE2442FDFC 760832 ----a-w- C:\Windows\Sysnative\invagent.dll 2015-03-25 06:25:10 75A43F9EA79BF721DC6D94980F85F87D 943616 ----a-w- C:\Windows\Sysnative\appraiser.dll 2015-03-25 06:25:10 4BA77DD4E4894EAF2BCB2D3E0A0B6F7A 30720 ----a-w- C:\Windows\Sysnative\acmigration.dll 2015-03-25 06:25:09 EBDE90C94A0671F05AAA0DF2A2139F43 227328 ----a-w- C:\Windows\Sysnative\aepdu.dll 2015-03-25 06:25:09 1C11E0739B2B354647D292FCDCB7AF8E 192000 ----a-w- C:\Windows\Sysnative\aepic.dll ====== C:\Windows\Sysnative\drivers ===== 2015-03-29 13:49:58 258DE302160DEEAFAB4453BB292CCF8F 43664 ----a-w- C:\Windows\Sysnative\drivers\hitmanpro37.sys 2015-03-11 10:04:48 87BCD1034CBF33537D4D4C251D39BA26 94656 ----a-w- C:\Windows\Sysnative\drivers\mountmgr.sys 2015-03-11 10:04:38 ED6E75158D28D33A2E2A020AC5B2B59D 663552 ----a-w- C:\Windows\Sysnative\drivers\PEAuth.sys 2015-03-11 10:04:35 90C53BD47979FB8814F465A08B885102 61440 ----a-w- C:\Windows\Sysnative\drivers\appid.sys 2015-03-11 10:02:46 8BA90F480705D7153AD0060CCA62222A 155576 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2015-03-11 10:02:46 56ED3EE5FED6BF2FC1305CF872042868 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2015-03-11 10:02:46 27667A788130A7F7A5858DE27572E6D7 459336 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2015-03-11 10:02:28 76D8CC526512ECAE2AEF63B1A6D018A1 20992 ----a-w- C:\Windows\Sysnative\drivers\rdpvideominiport.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-03-29 16:23:19 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== ======= C: ===== 2015-03-28 12:20:18 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat ====== C:\Users\John\AppData\Roaming ====== 2015-03-18 14:56:58 -------- d-----w- C:\Users\John\AppData\Locallow\Temp ====== C:\Users\John ====== 2015-03-29 16:23:01 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\John\Downloads\RSITx64.exe 2015-03-29 13:57:28 E1ECA1CB80D3FC173F68B299A3AC503D 14176408 ----a-w- C:\Users\John\Downloads\mseinstall.exe 2015-03-29 13:38:34 -------- d-----w- C:\ProgramData\HitmanPro 2015-03-29 13:34:49 5C80FF85C8644A630D341F27176042BA 11028616 ----a-w- C:\Users\John\Downloads\HitmanPro_x64.exe 2015-03-28 12:17:21 3D7352BE4DB5E2AEDE7B213979BA58D3 3109248 ----a-w- C:\Users\John\Downloads\SpyHunter-Installer.exe ====== C: exe-files == 2015-03-29 16:23:34 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\John.exe 2015-03-29 16:23:01 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\John\Downloads\RSITx64.exe 2015-03-29 14:19:51 E32DD0C9C383A146EBE4801A938471B3 20992 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{D182689D-9302-DECB-0D13-6164481C0D58}-svchost.exe 2015-03-29 13:57:28 E1ECA1CB80D3FC173F68B299A3AC503D 14176408 ----a-w- C:\Users\John\Downloads\mseinstall.exe 2015-03-29 13:55:58 C4CF03B998D4D758B89CD07F22D7A7F9 645168 ----a-w- C:\Users\John\AppData\Local\Temp\MSS\3.8.150.1\McUICnt.exe 2015-03-29 13:34:49 5C80FF85C8644A630D341F27176042BA 11028616 ----a-w- C:\Users\John\Downloads\HitmanPro_x64.exe 2015-03-28 12:17:21 3D7352BE4DB5E2AEDE7B213979BA58D3 3109248 ----a-w- C:\Users\John\Downloads\SpyHunter-Installer.exe 2015-03-27 08:04:20 2FBC280F4028CA1A5846403E1A893C2C 560456 ----a-w- C:\Users\John\AppData\Local\Google\Chrome\User Data\SwReporter\2.16.3\software_reporter_tool.exe 2015-03-25 06:25:09 F22794B93C9FC55A934C1544F9600B43 70832 ----a-w- C:\Windows\System32\CompatTel\diagtrackrunner.exe === C: other files == 2015-03-29 13:49:58 258DE302160DEEAFAB4453BB292CCF8F 43664 ----a-w- C:\Windows\System32\drivers\hitmanpro37.sys 2015-03-29 13:48:35 6C4FE7F1B530D146505BDE44F5742706 13736 ----a-w- C:\Program Files (x86)\Elex-tech\YAC\tmp\69AF304C.zip 2015-03-28 12:20:18 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat 2015-03-25 06:25:09 7EBB5DAD11B1D0B12317A191C8325991 21128 ----a-w- C:\Windows\System32\appraiser\nxquery.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" ==== Startup Folders ====================== 2014-08-17 19:08:18 1306 ----a-w- C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07-10-2013 22:45] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07-10-2013 22:45] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] ==== Chromium Look ====================== Google Chrome Version: 41.0.2272.101 (Latest Stable version: 41.0.2272.101) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions noajmlkipclmeolfcnflkjhijkigpfjh - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx[] Google Docs - John\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - John\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - John\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - John\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Security Protection - John\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh Gmail - John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.sweet-page.com/?type=hp&ts=1401546052&from=sof&uid=SAMSUNGXHD501LJ_S0MUJQSQ100247", "startup_urls": [ "http://www.sweet-page.com/?type=hp&ts=1401546052&from=sof&uid=SAMSUNGXHD501LJ_S0MUJQSQ100247" ] ==== Chromium Fix ====================== C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsmode.com_0.localstorage deleted successfully C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsmode.com_0.localstorage-journal deleted successfully C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_huizen.trovit.nl_0.localstorage deleted successfully C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_huizen.trovit.nl_0.localstorage-journal deleted successfully C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_vacatures.trovit.nl_0.localstorage deleted successfully C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_vacatures.trovit.nl_0.localstorage-journal deleted successfully C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.office-deals.nl_0.localstorage deleted successfully C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.office-deals.nl_0.localstorage-journal deleted successfully C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh deleted successfully C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_noajmlkipclmeolfcnflkjhijkigpfjh_0.localstorage deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://search.delta-homes.com/web/?type=ds&ts=1419596522&from=wpm12262&uid=SAMSUNGXHD501LJ_S0MUJQSQ100247&q={searchTerms}" "Default_Search_URL"="http://search.delta-homes.com/web/?type=ds&ts=1419596522&from=wpm12262&uid=SAMSUNGXHD501LJ_S0MUJQSQ100247&q={searchTerms}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh deleted successfully ==== HijackThis Entries ====================== F3 - REG:win.ini: load=c:\users\john\dxwuum.exe F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\John\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\John\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=156 folders=78 12255831 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\John\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\John\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 31-03-2015 at 16:10:47,72 ======================