Zoek.exe v5.0.0.0 Updated 22-05-2014 Tool run by Alain on wo 28/05/2014 at 15:50:49,63. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Alain\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-05-28-134947.log 18226 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3172224529-1946486846-736571833-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Adobe Acrobat XI Pro Adobe Bridge 1.0 Adobe Common File Installer Adobe Creative Suite 2 Adobe Flash Player 13 ActiveX Adobe Flash Player 13 Plugin Adobe Help Center 1.0 Adobe Photoshop CS2 Adobe Stock Photos 1.0 Apple Application Support Apple Software Update BD Sizer 3.3.2.0 BETA Belastingen 2012 versie 1.x Belastingen 2013 versie 1.x Belastingen 2014 versie 1.x Belgium e-ID middleware 4.0.7 (build 7445) CCleaner Cobian Backup 11 Gravity Content Management Utility Corel PaintShop Pro X6 Data Log DHTML Editing Component EASEUS Partition Master 7.0.1 Server Edition EDIUS 6.08 EDIUS Codec Option 6.08 EDIUS Hardware Drivers EOSInfo FileZilla Client 3.8.0 FLV and Media Player (3.2.0.3) Garmin BaseCamp Garmin Communicator Plugin Garmin Communicator Plugin x64 Garmin USB Drivers Google Earth Google Update Helper Hard Disk Scrubber 3.4 (Remove Only) High-Definition Video Playback ICA ImageSkill Background Remover 3 (Remove only) ImTOO Video Converter Ultimate IPM_PSP_COM64 Java 7 Update 55 Java Auto Updater Microsoft .NET Framework 4 Client Profile NLD Language Pack Microsoft .NET Framework 4.5.1 Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 10 ClipartPack Nero 10 Menu TemplatePack 1 Nero 10 Menu TemplatePack 2 Nero 10 Menu TemplatePack 3 Nero 10 Menu TemplatePack Basic Nero 10 Movie ThemePack 1 Nero 10 Movie ThemePack 2 Nero 10 Movie ThemePack 3 Nero 10 Movie ThemePack 4 Nero 10 Movie ThemePack Basic Nero 10 PiP EffectPack 1 Nero 10 Sample ImagePack Nero 10 Sample Videos Nero 10 Video TransitionPack 1 Nero BackItUp 10 Nero BackItUp 10 Help (CHM) Nero Burning ROM 10 Nero BurningROM 10 Help (CHM) Nero BurnRights 10 Nero BurnRights 10 Help (CHM) Nero Control Center 10 Nero ControlCenter 10 Help (CHM) Nero Core Components 10 Nero CoverDesigner 10 Nero CoverDesigner 10 Help (CHM) Nero DiscSpeed 10 Nero DiscSpeed 10 Help (CHM) Nero Dolby Files 10 Nero Express 10 Nero Express 10 Help (CHM) Nero InfoTool 10 Nero InfoTool 10 Help (CHM) Nero MediaHub 10 Nero MediaHub 10 Help (CHM) Nero Multimedia Suite 10 Platinum HD Nero Recode 10 Nero Recode 10 Help (CHM) Nero RescueAgent 10 Nero RescueAgent 10 Help (CHM) Nero SoundTrax 10 Nero SoundTrax 10 Help (CHM) Nero StartSmart 10 Nero StartSmart 10 Help (CHM) Nero Update Nero Vision 10 Nero Vision 10 Help (CHM) Nero WaveEditor 10 Nero WaveEditor 10 Help (CHM) NoAds Norton Internet Security NVIDIA-configuratiescherm 335.23 NVIDIA 3D Vision stuurprogramma 335.23 NVIDIA Display Control Panel NVIDIA Drivers NVIDIA Grafisch stuurprogramma 335.23 NVIDIA Install Application NVIDIA PhysX NVIDIA Stereoscopic 3D Driver NVIDIA Update 10.4.0 NVIDIA Update Core Power Data Recovery 3.1.1 PSPPContent PSPPHelp PSPPro64 QuickTime Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878236) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2878237) 32-Bit Edition Setup Shareaza 2.5.5.0 SnagIt 8 Stuurprogrammapakket voor Windows - Fedict SmartCard (03/25/2014 4.0.7.4) Suite Specific Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD TFA_Nexus Turbo Lister 2 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) VLC media player 2.1.3 Web Album Generator 1.8.2 Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) WinRAR 4.10 beta 4 (64-bit) WinRAR 5.01 (32-bit) WinRAR Free Download Packages Xilisoft HD Video Converter YTD Video Downloader 4.8 ==== Running Processes ====================== C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Cobian Backup 11\cbService.exe E:\Prey\platform\windows\cronsvc.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe E:\Noads\NoAds.exe C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe C:\Windows\system32\hasplms.exe C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE C:\Users\Alain\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\GreenTree Applications deleted C:\PROGRA~2\COMMON~1\Spigot deleted C:\PROGRA~3\YTD Video Downloader deleted C:\PROGRA~3\Package Cache deleted C:\Users\Alain\AppData\Local\nsj4B05.tmp deleted C:\Users\Alain\AppData\Local\Wondershare deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted C:\prefs.js deleted "C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll" deleted "C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll" deleted "C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\DAQExp.dll" deleted "C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\WSHelper.exe" deleted "C:\PROGRA~2\COMMON~1\Wondershare" deleted "C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact" deleted ==== System Specs ====================== Windows: Windows 7 Professional Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 6134 MB CPU Info: Intel(R) Core(TM) i7 CPU 950 @ 3.07GHz CPU Speed: 3148,0 MHz Sound Card: Luidsprekers (High Definition A | Digitale audio (S/PDIF) (High D | Digitale audio (S/PDIF) (High D | Display Adapters: NVIDIA GeForce GTX 460 | NVIDIA GeForce GTX 460 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1920 X 1200 - 32 bit Network: Network Present Network Adapters: Intel(R) 82567LM-2 Gigabit-netwerkverbinding CD / DVD Drives: 2x (H: | I: | ) H: HL-DT-STBD-RE BH10LS30 | I: HL-DT-STBD-RE BH10LS30 Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 167,5GB | D: 686,0GB | E: 245,6GB | F: 596,2GB | G: 596,2GB | J: 220,0MB Hard Disks - Free: C: 120,5GB | D: 536,5GB | E: 241,4GB | F: 232,5GB | G: 364,6GB | J: 167,1MB Manufacturer *: Intel Corp. BIOS Info: AT/AT COMPATIBLE | 04/14/10 | INTEL - 1450 Time Zone: West-Europa (standaardtijd) Motherboard *: Intel Corporation DX58SO Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Norton Internet Security On-access scanning disabled (Outdated) Anti-Spyware: Norton Internet Security disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Firewall: Norton Internet Security disabled Internet Explorer Version: 10.0.9200.16899 Sun Java version: 1.7.0_55 (32-bit) Flash Player version: 13.0.0.214 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Alain\AppData\Local\Temp ==== ====== Java Cache ===== 2014-05-08 08:56:17 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Alain\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-3cfe552c 2014-05-08 08:56:15 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Alain\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-25e479c4 2014-05-08 08:56:15 57EFBD647128EF1B16BC02999F692064 425 ----a-w- C:\Users\Alain\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap 2014-05-20 14:54:43 710F08E124088255BC52C46C3574FEEB 30978 ----a-w- C:\Users\Alain\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\5cb330d2-5e2233d5 2014-05-20 14:48:29 7DCC09DE08E04D41377286C847438DA8 38 ----a-w- C:\Users\Alain\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\7e4d3004-b74b4cd2e1e338d22ba8b83f39f90104971bd4bb1226cf16e700952d5b8a3485-6.0.lap 2014-05-08 08:56:15 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\Alain\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-5004df60 2014-05-24 06:21:04 24401E1AD0AD0BEBF0DE6C45F2B90C40 167562 ----a-w- C:\Users\Alain\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\21790ced-57da8240 2014-05-24 06:21:04 148EB640379F9880E084524AD964891D 414 ----a-w- C:\Users\Alain\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\5fdbf2ee-18d18a7915df2ef7578e34f686bb8285bade2a0e80463438c3664be1d2f7efca-6.0.lap 2014-05-08 09:32:02 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Alain\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-5efed325 ====== C:\Windows\SysWOW64 ===== 2014-05-16 02:53:50 F76E1461807291997B309BF34CCC59E2 675840 ----a-w- C:\Windows\SysWOW64\ac3filter.ax 2014-05-16 02:53:50 60AFBD58F9DFAF558003BD13E60F6BB3 892928 ----a-w- C:\Windows\SysWOW64\iconv.dll 2014-05-16 02:53:50 54352979771C1EEF5B00DEBE308368AF 496640 ----a-w- C:\Windows\SysWOW64\xvid.ax ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2014-05-14 10:16:59 353009DEDF918B2A51414F330CF72DEC 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2014-05-14 10:16:59 1C2D8E18AA8FD50CD04C15CC27F7F5AB 155072 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-05-27 07:03:20 -------- d-----w- C:\Program Files\trend micro 2014-05-12 08:00:55 -------- d-----w- C:\Program Files\Common Files\Adobe 2014-05-06 12:56:31 -------- d-----w- C:\Program Files\Garmin GPS Plugin 2014-05-02 06:22:35 -------- d-----w- C:\Program Files\DIFX ======= C:\PROGRA~2 ===== 2014-05-14 10:18:41 -------- d-----w- C:\PROGRA~2\COMMON~1\DESIGNER 2014-05-08 08:56:04 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2014-05-07 16:00:09 -------- d-----w- C:\PROGRA~2\Cobian Backup 11 2014-05-06 12:56:32 -------- d-----w- C:\PROGRA~2\Garmin GPS Plugin 2014-05-06 12:56:25 -------- d-----w- C:\PROGRA~2\Garmin 2014-05-02 06:22:19 -------- d-----w- C:\PROGRA~2\Belgium Identity Card 2014-05-02 03:13:09 -------- d-----w- C:\PROGRA~2\COMMON~1\Wise Installation Wizard ======= C: ===== ====== C:\Users\Alain\AppData\Roaming ====== 2014-05-18 05:13:06 -------- d-----w- C:\Users\Alain\AppData\Roaming\Bigasoft Total Video Converter 4 2014-05-16 03:09:15 -------- d-----w- C:\Users\Alain\AppData\Local\4Videosoft Studio 2014-05-16 03:02:29 -------- d-----w- C:\Users\Alain\AppData\Roaming\Xilisoft 2014-05-16 02:53:59 -------- d-----w- C:\Users\Alain\AppData\Roaming\Wondershare Video Converter Ultimate 2014-05-16 02:51:09 -------- d-----w- C:\Users\Alain\AppData\Roaming\ImTOO 2014-05-16 02:44:02 -------- d-----w- C:\Users\Alain\AppData\Roaming\LockTime 2014-05-12 08:14:29 -------- d-----w- C:\Users\Alain\AppData\Roaming\PDAppFlex 2014-05-10 08:09:39 EE7534340EE30DEF1DB687C1A94A6752 320 ----a-w- C:\Users\Alain\AppData\Roaming\aps.uninstall.scan.results 2014-05-09 20:25:26 86CF7C8115C0EAAA302B893A9305A45A 228944 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat 2014-05-09 15:31:05 -------- d-----w- C:\Users\Alain\AppData\Local\Nero 2014-05-09 03:57:18 -------- d-----w- C:\Users\Alain\AppData\Roaming\NVIDIA 2014-05-09 03:57:17 -------- d-----w- C:\Users\Alain\AppData\Local\Garmin 2014-05-09 03:56:59 -------- d-----w- C:\Users\Alain\AppData\Local\GARMIN_Corp 2014-05-08 08:54:58 -------- d-----w- C:\Users\Alain\AppData\Locallow\Sun 2014-05-07 19:08:07 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google 2014-05-06 12:42:22 -------- d-----w- C:\Users\Alain\AppData\Roaming\Garmin 2014-05-02 03:15:18 -------- d-----w- C:\Users\Alain\AppData\Local\TechSmith 2014-05-01 09:06:14 -------- d-----w- C:\Users\Alain\AppData\Roaming\FileZilla 2014-05-01 08:34:19 -------- d-----w- C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prey 2014-04-30 07:30:11 2EF5F8BCC3950D565DA6F61AA70E560F 8704 ----a-w- C:\Users\Alain\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ====== C:\Users\Alain ====== 2014-05-27 07:06:02 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Alain\Downloads\RSITx64 (4).exe 2014-05-27 07:05:09 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Alain\Downloads\RSITx64 (3).exe 2014-05-27 07:04:41 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Alain\Downloads\RSITx64 (2).exe 2014-05-27 07:03:43 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Alain\Downloads\RSITx64 (1).exe 2014-05-27 07:02:53 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Alain\Downloads\RSITx64.exe 2014-05-21 12:26:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NoAds 2014-05-16 03:30:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft 2014-05-16 03:30:37 -------- d-----w- C:\ProgramData\Xilisoft 2014-05-16 02:59:25 -------- d-----w- C:\ProgramData\Wondershare Video Converter Ultimate 2014-05-16 02:51:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImTOO 2014-05-16 02:50:57 -------- d-----w- C:\ProgramData\ImTOO 2014-05-15 08:01:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay 2014-05-15 08:01:40 -------- d-----w- C:\ProgramData\eBay 2014-05-11 07:24:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Appnimi 2014-05-10 03:43:29 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Power Data Recovery 2014-05-09 15:28:07 -------- d-----w- C:\ProgramData\LightScribe 2014-05-09 15:27:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Scrubber 2014-05-09 03:57:17 -------- d-----w- C:\ProgramData\Garmin 2014-05-09 03:56:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2014-05-08 08:56:04 -------- d-----w- C:\ProgramData\Sun 2014-05-08 08:56:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-05-07 16:00:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11 2014-05-07 09:36:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EASEUS Partition Master 7.0.1 Server Edition 2014-05-03 04:50:45 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Searches 2014-05-02 06:22:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID 2014-05-02 03:15:18 -------- d-----w- C:\ProgramData\TechSmith 2014-05-02 03:15:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SnagIt 8 2014-05-01 09:06:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2014-05-01 08:47:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Web Album Generator 2014-05-01 08:36:09 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImageSkill 2014-04-29 04:09:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shareaza ====== C: exe-files == 2014-05-27 07:06:02 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Alain\Downloads\RSITx64 (4).exe 2014-05-27 07:05:09 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Alain\Downloads\RSITx64 (3).exe 2014-05-27 07:04:41 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Alain\Downloads\RSITx64 (2).exe 2014-05-27 07:03:43 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Alain\Downloads\RSITx64 (1).exe 2014-05-27 07:03:21 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Alain.exe 2014-05-27 07:02:53 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Alain\Downloads\RSITx64.exe 2014-05-26 07:50:14 6058430D34D52AAC23CB5B6187CD8C41 143872 ----a-w- C:\Users\Alain\Downloads\Herstelpunt maken\Herstelpunt maken (UserClose).exe 2014-05-22 06:09:57 268BAF9FAB7D5F00ADA50A696582E1EC 18421128 ----a-w- C:\Users\Alain\Downloads\Sticky.Password.v7.0.5.31-BEAN\Sticky.Password.v7.0.5.31-BEAN\stpass_trial_70531.exe === C: other files == 2014-05-26 07:50:51 FA3570DEE4C533EB85670AE923DAF818 592 ----a-w- C:\Users\Alain\AppData\Local\Temp\{87E04915-4458-4134-97CC-5D20323225BF}\Herstelpunt met blijvende infobox.vbs 2014-05-26 07:49:36 5E505A76E55B99644D7559959533E41F 105056 ----a-w- C:\Users\Alain\Downloads\Herstelpunt maken.zip 2014-05-22 06:09:36 D52406865FE7651640DDBA6F8C2BE16E 2087595 ----a-w- C:\Users\Alain\Downloads\Sticky.Password.v7.0.5.31-BEAN\Sticky.Password.v7.0.5.31-BEAN\bgk7uv08.zip 2014-05-22 06:09:36 B52EAAD18245AD2AF48118B4C84A88EC 2888686 ----a-w- C:\Users\Alain\Downloads\Sticky.Password.v7.0.5.31-BEAN\Sticky.Password.v7.0.5.31-BEAN\bgk7uv03.zip 2014-05-22 06:09:36 7EE1E22ADE60542867121C0A4415103A 2888686 ----a-w- C:\Users\Alain\Downloads\Sticky.Password.v7.0.5.31-BEAN\Sticky.Password.v7.0.5.31-BEAN\bgk7uv04.zip 2014-05-22 06:09:36 552A26DECE570FE136B422B2B8599370 2888686 ----a-w- C:\Users\Alain\Downloads\Sticky.Password.v7.0.5.31-BEAN\Sticky.Password.v7.0.5.31-BEAN\bgk7uv02.zip 2014-05-22 06:09:36 4625B97F0ABFFFF463722C3E264A2E6E 2892570 ----a-w- C:\Users\Alain\Downloads\Sticky.Password.v7.0.5.31-BEAN\Sticky.Password.v7.0.5.31-BEAN\bgk7uv01.zip 2014-05-22 06:09:36 3F21E53084911C6B95DE674B258B7F20 2888686 ----a-w- C:\Users\Alain\Downloads\Sticky.Password.v7.0.5.31-BEAN\Sticky.Password.v7.0.5.31-BEAN\bgk7uv06.zip 2014-05-22 06:09:36 32F2DC20F8002269B5AF03EBB5BFC5DC 2888686 ----a-w- C:\Users\Alain\Downloads\Sticky.Password.v7.0.5.31-BEAN\Sticky.Password.v7.0.5.31-BEAN\bgk7uv05.zip 2014-05-22 06:09:36 0617D4939484CE314F27FCEE21CCB139 2888686 ----a-w- C:\Users\Alain\Downloads\Sticky.Password.v7.0.5.31-BEAN\Sticky.Password.v7.0.5.31-BEAN\bgk7uv07.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3172224529-1946486846-736571833-1000\Software\Microsoft\Windows\CurrentVersion\Run] "NoAds"="E:\Noads\NoAds.exe" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" "NBAgent"="E:\Nero BackItUp\NBAgent.exe /WinStart" "Cobian Backup 11 interface"="C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe -service" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "Wondershare Helper Compact.exe"="C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "NoAds"="E:\Noads\NoAds.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" ==== Startup Folders ====================== 2014-04-26 12:00:35 1291 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [15/05/2014 07:09] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:h6C:\ProgramC:FilesC:x86\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26/04/2014 18:00] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\WSCStub.exe"] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\SymErr.exe] "C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\SymErr.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[08/05/2014 15:49] icdlfehblmklkikfigmjhbmmpmkmpooj - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx[] mhkaekfpcppmmioggniknbnbdbcigpkk - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx[] mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\Exts\Chrome.crx[28/04/2014 14:52] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.hln.be/" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "newtab"="about:tabs" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "newtab"="about:tabs" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.hln.be/" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1CD823-1418-4F91-87EF-B83352B5D3B4}" {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Unknown Url="Not_Found" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {6A1CD823-1418-4F91-87EF-B83352B5D3B4} Google Url="http://www.google.be/search?hl=nl&q={searchTerms}&sourceid=ie8&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3172224529-1946486846-736571833-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - E:\SNAGIT\SnagItBHO.dll O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Java\bin\ssv.dll O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Java\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - E:\SNAGIT\SnagItIEAddin.dll O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [NBAgent] "E:\Nero BackItUp\NBAgent.exe" /WinStart O4 - HKLM\..\Run: [Cobian Backup 11 interface] "C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe" -service O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe O4 - HKCU\..\Run: [NoAds] "E:\Noads\NoAds.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: Download with &Shareaza - res://E:\Shareaza\Shareaza\RazaWebHook32.dll/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {49C9FECC-02EE-49D9-8171-F548577E7ACD} (Uploader Control) - http://ua.foto.com/ImageUploader8.cab O16 - DPF: {53049A9A-1122-4673-B8D4-12F545AE3285} (CV781Object Object) - http://avm565a-sn.ddns.eagleeyes.tw:85/AVC_AX_764.cab O16 - DPF: {971FC730-55F1-461F-83FD-B3BF5E1F039E} (AMCCtrl Class) - http://178.118.53.209:8910/AVC_AX_742.cab O16 - DPF: {AA09E7F8-1C11-4B65-9D61-EB6CB0F1E86C} (CV781Object Object) - http://sieuthivienthong.dyndns.org:8081/AVC_AX_35X.cab O16 - DPF: {B513310D-152C-4521-97C4-C92860987AD2} (CameraViewer Class) - http://113.161.84.225:9006/MediaClientAxCtrl.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Cobian Backup 11 Gravity (CobianBackup11) - Luis Cobian, CobianSoft - C:\Program Files (x86)\Cobian Backup 11\cbService.exe O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - E:\Prey\platform\windows\cronsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=162 folders=119 108787509 bytes) ==== Empty Temp Folders ====================== C:\Users\Alain\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Alain\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on wo 28/05/2014 at 15:59:54,55 ======================