Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by Hans on di 10-06-2014 at 17:12:15,59.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\hans\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-09-185312.log 1758 bytes
C:\zoek-results2014-06-09-193532.log 68414 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
C:\windows\SysWOW64\svchost.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Users\hans\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Users\hans\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
C:\Users\hans\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Users\hans\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Users\hans\Desktop\zoek.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\SysWOW64\cmd.exe

==== Deleting Services ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_USERS\S-1-5-21-1819775193-1765234083-925418879-1159\Software\Microsoft\Windows\CurrentVersion\Run]
"Pokki"=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Pokki"=-

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_USERS\S-1-5-21-1819775193-1765234083-925418879-1159\Software\Microsoft\Windows\CurrentVersion\Run]
"Pokki"=-

==== System Specs ======================

Windows: Windows 7 Professional Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 3007 MB
CPU Info: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
CPU Speed: 2094.1 MHz
Sound Card: Luidsprekers / HP (IDT High Def |
Display Adapters: Mobile Intel(R) HD Graphics | Mobile Intel(R) HD Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1600 X 900 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter #4 | Qualcomm Atheros AR9285 802.11b/g/n WiFi Adapter | Bluetooth-apparaat (Personal Area Network) #2 | Realtek PCIe GBE Family Controller
CD / DVD Drives: 1x (G: | ) G: hp DVD A DS8A5LH
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 7 Button Wheel Mouse Present
Hard Disks: C: 275.0GB | E: 17.8GB | F: 5.0GB
Hard Disks - Free: C: 205.9GB | E: 2.7GB | F: 2.1GB
Manufacturer *: Hewlett-Packard
BIOS Info: AT/AT COMPATIBLE | 09/14/11 | HPQOEM - f
Time Zone: West-Europa (standaardtijd)
Motherboard *: Hewlett-Packard 167C
Country: Nederland
Language: NLD

==== System Specs (Software) ======================

Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: avast! Antivirus disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Google Chrome 34.0.1847.116
Internet Explorer Version: 11.0.9600.17105
Google Chrome version: 34.0.1847.116
Adobe Reader version: 10.1.0.534
Sun Java version: 1.7.0_60 (32-bit)
Flash Player version: 13.0.0.206

==== Files Recently Created / Modified ======================

====== C:\windows ====
====== C:\Users\hans\AppData\Local\Temp ====
====== Java Cache =====
2014-06-10 15:09:00 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\hans\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-68f5102a
2014-06-10 15:08:40 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\hans\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-7e03c10a
2014-06-10 15:08:41 76089761706E2092FC1E7EC9028966B9 425 ----a-w- C:\Users\hans\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap
2014-06-10 15:08:37 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\hans\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-40cdbfbd
2014-06-10 15:08:41 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\hans\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-1db7c41d
====== C:\windows\SysWOW64 =====
2014-06-10 15:04:18 CEE4C9E092168CEBD187491AF6FDA8FB 264616 ----a-w- C:\windows\SysWOW64\javaws.exe
2014-06-10 15:03:45 ECB3AB701D6E26F5E54C58957E34E719 175528 ----a-w- C:\windows\SysWOW64\javaw.exe
2014-06-10 15:03:45 8C7C6D494D86307CDCF63E0478767C16 98216 ----a-w- C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-10 15:03:45 2251971694E17BAC4E344DC2B7CD7ADD 175528 ----a-w- C:\windows\SysWOW64\java.exe
2014-06-09 19:06:01 5869FBC754578A59C8C8635B99DB79DE 17384448 ----a-w- C:\windows\SysWOW64\mshtml.dll
2014-06-09 19:05:59 2518D1922371892ADEF1F07147DBD72A 2724864 ----a-w- C:\windows\SysWOW64\mshtml.tlb
====== C:\windows\SysWOW64\drivers =====
====== C:\windows\Sysnative =====
2014-06-09 19:06:08 A98DA2EC1E56CF52C682D072F77D9874 23547904 ----a-w- C:\windows\Sysnative\mshtml.dll
2014-06-09 19:05:59 DE5DE05946D6FC2DC494C55BC7BC4C6E 2724864 ----a-w- C:\windows\Sysnative\mshtml.tlb
====== C:\windows\Sysnative\drivers =====
====== C:\windows\Tasks ======
====== C:\windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2014-06-10 15:04:23 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2014-06-10 15:03:29 -------- d-----w- C:\PROGRA~2\Java
======= C: =====
====== C:\Users\hans\AppData\Roaming ======
2014-06-09 19:35:46 -------- d-----w- C:\Users\hans\AppData\Local\PDFC
2014-06-09 19:30:40 -------- d-----w- C:\windows\serviceprofiles\networkservice\AppData\Local\Temp
2014-06-09 19:30:40 -------- d-----w- C:\windows\serviceprofiles\Localservice\AppData\Local\Temp
2014-06-09 19:30:40 -------- d-----w- C:\Users\martin\AppData\Local\Temp
2014-06-09 19:30:40 -------- d-----w- C:\Users\hans\AppData\Local\Temp
2014-06-09 19:30:40 -------- d-----w- C:\Users\Eigenaar\AppData\Local\Temp
2014-06-09 19:30:40 -------- d-----w- C:\Users\Default\AppData\Local\Temp
2014-06-09 19:30:40 -------- d-----w- C:\Users\Default User\AppData\Local\Temp
2014-06-09 19:30:40 -------- d-----w- C:\Users\administrator\AppData\Local\Temp
====== C:\Users\hans ======
2014-06-10 15:04:46 -------- d-----w- C:\ProgramData\Oracle
2014-06-10 15:03:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-10 15:01:41 B1BA71EDE129F3D059571E0B8931E12C 918952 ----a-w- C:\Users\hans\Downloads\JavaSetup7u60.com
2014-06-09 19:32:59 -------- d-----w- C:\ProgramData\Validity
====== C: exe-files ==
2014-06-10 15:03:34 C7C5FF4B0E83702EFBC0C886D87E9743 145832 ----a-w- C:\Program Files (x86)\Java\jre7\bin\unpack200.exe
2014-06-10 15:03:34 3427C247AFEC295CD4A20B53EE445F23 16808 ----a-w- C:\Program Files (x86)\Java\jre7\bin\tnameserv.exe
2014-06-10 15:03:33 F9DE7324BDF83F5AFE174354F47C2AE0 16808 ----a-w- C:\Program Files (x86)\Java\jre7\bin\orbd.exe
2014-06-10 15:03:33 ECB3AB701D6E26F5E54C58957E34E719 175528 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaw.exe
2014-06-10 15:03:33 E87885A59FDC241B6575943A75E495D9 182696 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jqs.exe
2014-06-10 15:03:33 E2C8F178A57D011518785CF75044CD69 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\keytool.exe
2014-06-10 15:03:33 E0FE8B7BE802F8C4A71317AC35E44B00 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmid.exe
2014-06-10 15:03:33 CEE4C9E092168CEBD187491AF6FDA8FB 264616 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaws.exe
2014-06-10 15:03:33 B5C9699AA60F74F144DB5A566F6E58F8 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmiregistry.exe
2014-06-10 15:03:33 AEA4E94FC2A2F88FA5EC7FB6BC349E1B 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\klist.exe
2014-06-10 15:03:33 96777405AB93AF8FCF6C9B6F5C3F1E51 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java-rmi.exe
2014-06-10 15:03:33 84FB0EC0581C996F445433BD2379A5CC 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\servertool.exe
2014-06-10 15:03:33 82517DE5984F3EA3A49E0B5C8825DA63 68008 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javacpl.exe
2014-06-10 15:03:33 8140DCC3064BA8ADC407D956BE19D764 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\pack200.exe
2014-06-10 15:03:33 62CA7ABA57A4FCDB3844F73A156BAE26 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\kinit.exe
2014-06-10 15:03:33 3002E7E937FCB8985320AA807E762845 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\policytool.exe
2014-06-10 15:03:33 235A2E87C34995F1837283FE76CD2E46 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ktab.exe
2014-06-10 15:03:33 2251971694E17BAC4E344DC2B7CD7ADD 175528 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java.exe
2014-06-10 15:03:33 1EFC992CA271E6D40034FBE7BCEDB724 52648 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe
2014-06-10 15:03:33 07643C3AF27179144C9800AF0819DE75 48040 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jabswitch.exe
2014-06-10 15:03:33 0595B07F96E4F48784A4B772B887AD68 49576 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ssvagent.exe
2014-06-10 15:02:54 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\hans\AppData\LocalLow\Sun\Java\jre1.7.0_60\lzma.exe
2014-06-09 16:24:53 6FC454773ABF8DE9A33B35E03525140D 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe
2014-06-09 16:24:53 49B70FBEEC01A69CA9AC115C109E9CDD 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleUpdateBroker.exe
2014-06-09 16:24:51 BE472797288F53AA9F56974B1A1FC18F 918672 ----a-w- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleUpdateSetup.exe
2014-06-09 16:24:51 6FC454773ABF8DE9A33B35E03525140D 51080 ----atw- C:\Users\hans\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe
2014-06-09 16:24:51 49B70FBEEC01A69CA9AC115C109E9CDD 51080 ----atw- C:\Users\hans\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateBroker.exe
2014-06-09 16:24:46 BE472797288F53AA9F56974B1A1FC18F 918672 ----a-w- C:\Users\hans\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateSetup.exe
2014-06-09 16:24:36 D893431503D5112DC3B799DF963D2AC8 114568 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleUpdateComRegisterShell64.exe
2014-06-09 16:24:34 720546B84ED5229E1584C8F3533A2F12 328072 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
2014-06-09 16:24:33 D5A444B63637EC0932172C6719A10252 263048 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
2014-06-09 16:24:26 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleUpdate.exe
2014-06-09 16:24:22 D893431503D5112DC3B799DF963D2AC8 114568 ----atw- C:\Users\hans\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateComRegisterShell64.exe
2014-06-09 16:24:22 720546B84ED5229E1584C8F3533A2F12 328072 ----atw- C:\Users\hans\AppData\Local\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
2014-06-09 16:24:21 D5A444B63637EC0932172C6719A10252 263048 ----atw- C:\Users\hans\AppData\Local\Google\Update\1.3.24.7\GoogleCrashHandler.exe
2014-06-09 16:24:04 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Users\hans\AppData\Local\Google\Update\1.3.24.7\GoogleUpdate.exe
2014-06-09 16:22:51 BE472797288F53AA9F56974B1A1FC18F 918672 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.24.7\GoogleUpdateSetup.exe
2014-06-09 16:22:48 BE472797288F53AA9F56974B1A1FC18F 918672 ----a-w- C:\Users\hans\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.24.7\GoogleUpdateSetup.exe
=== C: other files ==
2014-06-10 15:03:34 8E29BBCCC8D802D36701633A7842FE74 18636 ----a-w- C:\Program Files (x86)\Java\jre7\lib\deploy\ffjcext.zip
2014-06-10 15:01:41 B1BA71EDE129F3D059571E0B8931E12C 918952 ----a-w- C:\Users\hans\Downloads\JavaSetup7u60.com
2014-06-09 18:53:45 C49E4403393707706D2422F61F5F1F92 66913 ----a-w- C:\Users\hans\Desktop\bluescreenview.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1819775193-1765234083-925418879-1159\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\hans\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"MobileDocuments"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe"
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"Spotify"="C:\Users\hans\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"
"Spotify Web Helper"="C:\Users\hans\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"GoogleChromeAutoLaunch_42454FF2D96CA30106C71E47284183D1"="C:\Users\hans\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-1819775193-1765234083-925418879-1159\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #3"="C:\Users\hans\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\hans\AppData\Local\Pokki\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"File Sanitizer"="C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe"
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"HP HD Webcam [Fixed]_Monitor"="C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"DTRun"="c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"HPQuickWebProxy"="C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
"PDF Complete"="C:\Program Files (x86)\PDF Complete\pdfsty.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QLBController"="C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"
"HPConnectionManager"="C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\hans\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"MobileDocuments"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe"
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"Spotify"="C:\Users\hans\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"
"Spotify Web Helper"="C:\Users\hans\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"GoogleChromeAutoLaunch_42454FF2D96CA30106C71E47284183D1"="C:\Users\hans\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #3"="C:\Users\hans\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\hans\AppData\Local\Pokki\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\windows\system32\hkcmd.exe"
"Persistence"="C:\windows\system32\igfxpers.exe"
"MfeEpePcMonitor"="C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
"HPPowerAssistant"="C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden"
"BtTray"="C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
"BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Folders ======================

2012-02-07 20:05:31 1755 ----a-w- C:\Users\hans\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Show Zoho CRM.lnk
2011-11-02 13:17:23 2059 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task]
C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [15-02-2012 16:12]
C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [15-02-2012 16:12]
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1819775193-1765234083-925418879-1159Core.job --a------ C:\Users\hans\AppData\Local\Google\Update\GoogleUpdate.exe [03-11-2011 12:46]
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1819775193-1765234083-925418879-1159UA.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\windows\SysNative\tasks\Adobe Flash Player Updater" [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1819775193-1765234083-925418879-1159Core" [C:\Users\hans\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1819775193-1765234083-925418879-1159UA" [C:\Users\hans\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\Registration" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]
"C:\windows\SysNative\tasks\User_Feed_Synchronization-{C188FA4A-3F94-4362-BF66-18213AD96508}" [C:\windows\system32\msfeedssync.exe]
"C:\windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask" [C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe]
"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [02-11-2011 15:19]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[21-08-2012 11:10]

Lucidchart Diagrams - Online - hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn
Google Drive - hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Pixlr-o-matic - hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj
Gmail Offline - hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk
Google Calendar - hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn
Wunderlist - To-do and Task list - hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjliknjliaohjgjajlgolhijphojjdkc
avast WebRep - hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
Quick Markup: Brainstorming - hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnchgfmijphalpadifffpofoakjdffag
Google Wallet - hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [HP HD Webcam [Fixed]_Monitor] C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\hans\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Spotify] "C:\Users\hans\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\hans\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_42454FF2D96CA30106C71E47284183D1] "C:\Users\hans\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\RunOnce: [Application Restart #3] C:\Users\hans\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\hans\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Show Zoho CRM.lnk = C:\AdventNet\ZohoCRM\bin\zohocrm_tray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = HoogstadOlie.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = HoogstadOlie.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = HoogstadOlie.local
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - 
C:\windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. 
- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. 
- C:\windows\system32\vcsFPService.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe ==== Empty IE Cache ====================== C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\hans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\hans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 
emptied successfully C:\Users\martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\hans\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=4025 folders=108 228335013 bytes) ==== Empty Temp Folders ====================== C:\Users\administrator\AppData\Local\Temp emptied successfully C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Eigenaar\AppData\Local\Temp emptied successfully C:\Users\hans\AppData\Local\Temp will be emptied at reboot C:\Users\martin\AppData\Local\Temp emptied successfully C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\windows\Temp successfully emptied C:\Users\hans\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully 
emptied ==== EOF on di 10-06-2014 at 17:39:43,96 ======================