Zoek.exe v5.0.0.0 Updated 30-09-2014 Tool run by Melissa on wo 01-10-2014 at 12:09:53,85. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Melissa\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 1-10-2014 12:12:58 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Origin Games deleted successfully C:\PROGRA~2\Panda Security deleted successfully C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\Users\Melissa\AppData\Roaming\Panda Security deleted successfully C:\Users\Melissa\AppData\Roaming\PerformerSoft deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1805882446-797169683-3502470240-1001\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully HKEY_USERS\S-1-5-21-1805882446-797169683-3502470240-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} deleted successfully HKEY_USERS\S-1-5-21-1805882446-797169683-3502470240-1001\Software\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully HKEY_USERS\S-1-5-21-1805882446-797169683-3502470240-1001\Software\Microsoft\Internet Explorer\SearchScopes\{F2F8E0B4-3FCC-4ED4-9660-0A2368A4D911} deleted successfully HKEY_USERS\S-1-5-21-1805882446-797169683-3502470240-1001\Software\Microsoft\Internet Explorer\SearchScopes\{FB63809A-29F3-4E3B-9D1D-428F7DEE4813} deleted successfully HKEY_USERS\S-1-5-21-1805882446-797169683-3502470240-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully HKEY_USERS\S-1-5-21-1805882446-797169683-3502470240-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully HKEY_USERS\S-1-5-21-1805882446-797169683-3502470240-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} deleted successfully HKEY_USERS\S-1-5-21-1805882446-797169683-3502470240-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully HKEY_CLASSES_ROOT\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully HKEY_CLASSES_ROOT\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} deleted successfully ==== Installed Programs ====================== Aangifte inkomstenbelasting 2013 Adobe Shockwave Player 11.6 Apple Application Support Apple Mobile Device Support Apple Software Update Avira Avira Free Antivirus BitTorrent Bonjour CCleaner CyberLink PhotoDirector CyberLink PowerDirector 10 CyberLink PowerDVD CyberLink YouCam D3DX10 De SimsT 3 De SimsT 3 Ambities De SimsT 3 Buurtleven Accessoires De SimsT 3 Jaargetijden De SimsT 3 Katy Perry Pakt uit De SimsT 3 Levensweg De SimsT 3 Slaap- en badkamer Accessoires De SimsT 3 Supersnelle Accessoires De SimsT 3 Wereldavonturen Energy Star Google Chrome Google Update Helper Hewlett-Packard ACLM.NET v1.2.2.3 HP 3D DriveGuard HP Connected Music (Meridian - installer) HP Connected Music (Meridian - player) HP CoolSense HP Customer Experience Enhancements HP Documentation HP Postscript Converter HP Quick Launch HP Recovery Manager HP Registration Service HP Software Framework HP Support Assistant HP Utility Center HP Wireless Button Driver IDT Audio Intel(R) Management Engine Components Intel(R) Processor Graphics Intel(R) SDK for OpenCL - CPU Only Runtime Package Intel© Trusted Connect Service Client iTunes Java 7 Update 67 Java Auto Updater K-Lite Codec Pack 10.6.5 Basic Microsoft Application Error Reporting Microsoft Office 365 - nl-nl Microsoft Silverlight Microsoft SkyDrive Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft WSE 3.0 Runtime MSVCRT Office 15 Click-to-Run Extensibility Component Office 15 Click-to-Run Licensing Component Office 15 Click-to-Run Localization Component OpenOffice.org 3.4.1 Origin Popcorn Time Qualcomm Atheros Driver Installation Program Realtek Ethernet Controller Driver Realtek PCIE Card Reader SoulSeek 157 NS 13e swMSM Synaptics Pointing Device Driver Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Language Selector Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR 4.11 (64-bit) ==== Running Processes ====================== C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Popcorn Time\Updater.exe C:\Users\Melissa\AppData\Roaming\BitTorrent\BitTorrent.exe C:\Users\Melissa\Desktop\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\Melissa\AppData\Roaming\Cool Mirage Ltd deleted C:\PROGRA~3\IBUpdaterService deleted C:\PROGRA~3\Package Cache deleted C:\Users\Melissa\AppData\Local\playnowradio deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Users\Melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com deleted C:\WINDOWS\wininit.ini deleted C:\WINDOWS\SysNative\config\systemprofile\Searches deleted C:\WINDOWS\SysWow64\searchplugins deleted C:\WINDOWS\SysWow64\Extensions deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 3996 MB CPU Info: Intel(R) Core(TM) i3-2367M CPU @ 1.40GHz CPU Speed: 1412,7 MHz Sound Card: Luidsprekers en hoofdtelefoons | Display Adapters: Intel(R) HD Graphics 3000 | Intel(R) HD Graphics 3000 Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Qualcomm Atheros AR9485 802.11b|g|n WiFi-adapter | Realtek PCIe FE Family-controller CD / DVD Drives: No optical drives found. Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 280,9GB | D: 16,0GB Hard Disks - Free: C: 169,1GB | D: 2,0GB Manufacturer *: Insyde BIOS Info: AT/AT COMPATIBLE | | HPQOEM - 1 Time Zone: West-Europa (standaardtijd) Motherboard *: Hewlett-Packard 18FC Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Avira Desktop On-access scanning disabled (Outdated) Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Spyware: Avira Desktop disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Internet Explorer Version: 11.0.9600.17278 Google Chrome version: 37.0.2062.124 Sun Java version: 1.7.0_67 (32-bit) Shockwave Player version: 11.6.5r635 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2014-09-14 17:18:57 ACDBE1ED38167C8B01B8F63161BB2CEA 2374784 ----a-w- C:\WINDOWS\explorer.exe ====== C:\Users\Melissa\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2014-09-29 16:44:35 A0F43D4AB011F8979E597C1393CA7C50 218200 ----a-w- C:\WINDOWS\SysWOW64\unrar.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2014-09-29 16:44:35 F1200BFF711B75C703028D6387008E87 260696 ----a-w- C:\WINDOWS\Sysnative\unrar64.dll ====== C:\WINDOWS\Sysnative\drivers ===== 2014-09-14 17:17:39 FEBAA7D782E30882FFF1CBCBBE8AD467 2515264 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys 2014-09-14 17:17:28 6416E79A58A8FCC33A447A4DDDD3BF04 412160 ----a-w- C:\WINDOWS\Sysnative\drivers\srv.sys 2014-09-14 17:17:24 038C77D577900EE39410662478BB0D50 2009920 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys 2014-09-14 17:17:22 5BED3AB69797C8786EF70AEA8C33748B 674816 ----a-w- C:\WINDOWS\Sysnative\drivers\srv2.sys 2014-09-14 17:17:21 77E1D08EF3BFB923F2EDC3FC8089E08E 475968 ----a-w- C:\WINDOWS\Sysnative\drivers\netio.sys 2014-09-14 17:17:17 240C5C3793206725AA05665851E8C214 412992 -c--a-w- C:\WINDOWS\Sysnative\drivers\spaceport.sys 2014-09-14 17:17:14 FF78D053A05E5A394F4E3C1816CC65A8 143680 -c--a-w- C:\WINDOWS\Sysnative\drivers\usbccgp.sys 2014-09-14 17:17:14 64CA2B4A49A8EAF495E435623ECCE7DB 310080 -c--a-w- C:\WINDOWS\Sysnative\drivers\volsnap.sys 2014-09-14 17:17:09 65392F3F3F65E4C6CC82A0F4F8A0B051 468288 -c--a-w- C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS 2014-09-14 17:17:05 D047CD668E6277FD80F0C613946F034C 246272 ----a-w- C:\WINDOWS\Sysnative\drivers\srvnet.sys 2014-09-14 17:17:04 26ACA481FAFEC59FE311D719E3027BBA 446976 ----a-w- C:\WINDOWS\Sysnative\drivers\nwifi.sys 2014-09-14 17:17:02 FEF0BC107812B36849741C3211BA6B60 419648 -c--a-w- C:\WINDOWS\Sysnative\drivers\usbhub.sys 2014-09-14 17:16:55 9C096BF5E10CA8BFA56F32522A89FAF1 79872 ----a-w- C:\WINDOWS\Sysnative\drivers\IPMIDrv.sys 2014-09-14 17:16:53 E4B4BE2D7750849C07589DA0B0AABA01 1118040 ----a-w- C:\WINDOWS\Sysnative\drivers\ndis.sys 2014-09-14 17:16:53 B1AA3B19A2E596A59224F893E01A5A75 126464 ----a-w- C:\WINDOWS\Sysnative\drivers\NdisImPlatform.sys 2014-09-14 17:16:52 D4B7ED39C7900384D9E5C1283F1E7926 76800 -c--a-w- C:\WINDOWS\Sysnative\drivers\hdaudbus.sys 2014-09-14 17:16:52 C910E5D18958914A66F0E45689D0B40A 206848 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb20.sys 2014-09-14 17:16:51 E0927EFA25D473367C3341B9F5969779 115712 ----a-w- C:\WINDOWS\Sysnative\drivers\bridge.sys 2014-09-14 17:16:42 91ED124E261EA8FAA1C0FFDF2A71B0C4 280384 -c--a-w- C:\WINDOWS\Sysnative\drivers\pci.sys 2014-09-14 17:16:41 1DD05F4857C2188744B9E864658949DD 295424 ----a-w- C:\WINDOWS\Sysnative\drivers\ks.sys 2014-09-14 16:26:11 8DF1254093B5C354CE725EB6B9B0DE19 146752 ----a-w- C:\WINDOWS\Sysnative\drivers\msgpioclx.sys ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2014-09-08 05:04:45 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-09-29 16:44:33 -------- d-----w- C:\PROGRA~2\K-Lite Codec Pack 2014-09-29 16:43:48 -------- d-----w- C:\PROGRA~2\Popcorn Time ======= C: ===== ====== C:\Users\Melissa\AppData\Roaming ====== ====== C:\Users\Melissa ====== 2014-09-29 16:44:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2014-09-29 16:44:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time ====== C: exe-files == 2014-09-29 16:44:33 8BDF75340A1021B65C7F3ED6FFCE81DD 1334187 ----a-w- C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe 2014-09-29 16:44:33 84551CD8625713FEEDFEBC769562A67D 443392 ----a-w- C:\Program Files (x86)\K-Lite Codec Pack\Tools\SetACL_x64.exe 2014-09-29 16:44:33 567BEFCC4CAF8EE4C1F68DED96562727 301056 ----a-w- C:\Program Files (x86)\K-Lite Codec Pack\Tools\SetACL_x86.exe 2014-09-29 16:44:33 4DE6F44810BAD050AC81F45549D58F34 1173504 ----a-w- C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe 2014-09-29 16:44:17 C1885606D0ACAFD0675D78A7BA47811D 11760439 ----a-w- C:\Program Files (x86)\Popcorn Time\K-Lite_Codec_Pack_1065_Basic.exe 2014-09-29 16:44:17 589CA1FB4FF952EB8E3D695E913BF6BF 179200 ----a-w- C:\Program Files (x86)\Popcorn Time\Updater.exe 2014-09-29 16:43:56 9985A09C2AD157ACD295254E86B605FF 5790432 ----a-w- C:\Program Files (x86)\Popcorn Time\chromecast\node.exe 2014-09-29 16:43:51 FCD59DCE26717A4748CEEC63483973CD 3465216 ----a-w- C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe 2014-09-29 16:43:48 9BFC9809962357512B023CD51C6DE63B 878147 ----a-w- C:\Program Files (x86)\Popcorn Time\unins000.exe 2014-09-26 04:34:09 F9E4B109A9D327D1239E491E29578A2E 550584 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\MSOSQM.EXE 2014-09-26 04:34:08 13ACDC68FAD1BE0E6E44A47E0EB5C475 842440 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\DW20.EXE 2014-09-26 04:33:48 1FA58353814828F9B3D31CB01BFFCE6D 81648 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE 2014-09-26 04:33:47 167E713975F87CFDC5F05D5ED08FBD85 7651536 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CMigrate.exe 2014-09-26 04:33:44 A789DDA5192980D81DBB01D55811DEA9 49848 ----a-w- C:\Program Files\Microsoft Office 15\root\flattener\Flattener.exe 2014-09-26 04:33:43 B9E8AE87F0DEDB2E6C164E4BFEA02E7C 39576 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\AppSharingHookController64.exe 2014-09-26 04:33:37 F79A490D9614CA9B8FC23409AF817EBA 5624016 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CMigrate.exe 2014-09-26 04:33:31 4BCE37BACBAB333187BB6E0F0B9F4C43 9597096 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\PDFREFLOW.EXE 2014-09-26 04:33:26 2ECE1C04DD7280A82A0EC1A259016B54 874160 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\protocolhandler.exe 2014-09-26 04:33:19 AD6502512DAB0512295F9051514343BB 474336 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\DWTRIG20.EXE 2014-09-26 04:33:16 3C283C1BFA1D88C2D4D52148CE62A7C7 543360 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\EQUATION\EQNEDT32.EXE 2014-09-26 04:33:16 30B5F9FB0C35AE6B4A0851D24CE2EE8B 150600 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Source Engine\OSE.EXE 2014-09-26 04:32:40 5EFF8107B969FFED8FD43CF784E3041A 1090768 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe 2014-09-26 04:32:21 D679931089526AF06B9D15A8A44EB53F 228544 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\CLVIEW.EXE 2014-09-26 04:32:21 4DEEDF0559E2A5E8A3B32220975A490B 497848 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSOUC.EXE 2014-09-26 04:32:20 54571FBCF53B33B8AD89C86FDFDF5CFA 449216 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE 2014-09-26 04:32:20 1B9CE92B611FFB9304405248D541A837 480984 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\SELFCERT.EXE 2014-09-26 04:32:19 F5D36DD4F4954883E1C3FF45FD2CA245 21931672 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\excelcnv.exe 2014-09-26 04:32:18 E2CD290381C86BE22C0628FBD17FE0C8 517360 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\IEContentService.exe 2014-09-26 04:32:18 BCDBD0DCD1A079CE468DA0E881F3C767 4522688 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\GRAPH.EXE 2014-09-26 04:32:17 8F2576BF4A07EDC6EB475ED0D9AF6A15 569584 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ORGCHART.EXE 2014-09-26 04:32:16 98D3A7B6EC8360577B8E5FBD413FA713 153248 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\CNFNOT32.EXE 2014-09-26 04:32:14 4883FFDFC482CE29D50E34750C592C22 528576 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\VPREVIEW.EXE 2014-09-26 04:30:29 8FF1A393FD0CF4E888C4EBC73AF4F252 590536 ----a-w- C:\Program Files\Microsoft Office 15\root\Integration\Integrator.exe 2014-09-26 04:30:28 C419E73483ADA429BF4693D77CE49279 145056 ----a-w- C:\Program Files\Microsoft Office 15\root\client\AppVDllSurrogate64.exe 2014-09-26 04:30:28 B950312617FB5EE9DD30C6A9B3B6EADE 311552 ----a-w- C:\Program Files\Microsoft Office 15\root\client\AppVLP.exe 2014-09-26 04:30:28 33DFE1A4E0072E6815D653AABC0A8444 124072 ----a-w- C:\Program Files\Microsoft Office 15\root\client\AppVDllSurrogate32.exe 2014-09-26 04:27:37 4E28F3BDCF66DEB0C3E9E2D6A8BBFBEE 18945704 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE 2014-09-26 04:27:29 80C830207A104F6C1BDE91D0D86D8685 195240 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE 2014-09-26 04:27:28 03DED553CB47ECF6C87A9DF0A17391EA 1762976 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ONENOTE.EXE 2014-09-26 04:27:25 18605ECCA0701DBC114739A8E58E0626 15518888 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSACCESS.EXE 2014-09-26 04:26:49 3B3EBE7EE88DC7C3B35E6672F764EC37 10760352 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSPUB.EXE 2014-09-26 04:26:46 18B22B1B507B4ED6F4A0DBF68198D394 25705120 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE 2014-09-26 04:26:17 1F081FC968D71544B5692178607FD682 991904 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\FIRSTRUN.EXE 2014-09-26 04:26:04 C5BF5684F342C194120B4587E125CC00 205472 ----a-w- C:\Program Files\Microsoft Office 15\ClientX64\AppVShNotify.exe 2014-09-26 04:26:04 8D8D475017ACA6960DBC150C1391B7B9 249000 ----a-w- C:\Program Files\Microsoft Office 15\ClientX64\mavinject32.exe 2014-09-25 11:06:00 7CA4092A339EA30DE8FF06D3FF79D6ED 749648 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\37.0.2062.124\37.0.2062.124_37.0.2062.120_chrome_updater.exe === C: other files == 2014-09-29 16:43:59 9653E1D2EED12AE0BF637523EDB2BC70 3773 ----a-w- C:\Program Files (x86)\Popcorn Time\chromecast\node_modules\castv2-client\node_modules\castv2\node_modules\protobuf\protobuf\vsprojects\extract_includes.bat ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-1805882446-797169683-3502470240-1001\Software\Microsoft\Windows\CurrentVersion\Run] "BitTorrent"="C:\Users\Melissa\AppData\Roaming\BitTorrent\BitTorrent.exe /MINIMIZED" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "Avira Systray"="C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "BitTorrent"="C:\Users\Melissa\AppData\Roaming\BitTorrent\BitTorrent.exe /MINIMIZED" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" "Persistence"="C:\WINDOWS\system32\igfxpers.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update" ==== Startup Folders ====================== 2013-05-01 14:18:05 1235 ----a-w- C:\Users\Melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24-01-2014 22:21] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24-01-2014 22:21] C:\WINDOWS\tasks\HPCeeScheduleForMelissa.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [13-09-2010 22:15] C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job --a-------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [24-08-2012 11:38] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\HPCeeScheduleForMelissa" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\WINDOWS\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{13104140-C2A7-4B8C-A0E8-3671D527D433}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon" [C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions flliilndjeohchalpbbcdekjklbdgfkk - No path found[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions begbnpffhnpedhocnobliippgejhjpfp - C:\Users\Melissa\AppData\Roaming\Cool Mirage Ltd\gophotoit\1.8.29.5\gophotoit.crx[] Google Docs - Melissa\AppData\Local\Google\Chrome\User Data\default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Melissa\AppData\Local\Google\Chrome\User Data\default\Extensions\apdfllckaahabafndbhieahigkjlhalf GoPhotoIt Chrome Extension - Melissa\AppData\Local\Google\Chrome\User Data\default\Extensions\begbnpffhnpedhocnobliippgejhjpfp YouTube - Melissa\AppData\Local\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Melissa\AppData\Local\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Avira Browser Safety - Melissa\AppData\Local\Google\Chrome\User Data\default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk Google Wallet - Melissa\AppData\Local\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Melissa\AppData\Local\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk deleted successfully C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\default\Local Storage\chrome-extension_flliilndjeohchalpbbcdekjklbdgfkk_0.localstorage deleted successfully C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\default\Local Storage\chrome-extension_flliilndjeohchalpbbcdekjklbdgfkk_0.localstorage-journal deleted successfully C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\default\Local Extension Settings\flliilndjeohchalpbbcdekjklbdgfkk deleted successfully C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\default\Extensions\begbnpffhnpedhocnobliippgejhjpfp deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.com/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{F2F8E0B4-3FCC-4ED4-9660-0A2368A4D911}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F2F8E0B4-3FCC-4ED4-9660-0A2368A4D911}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.com/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS" {D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1346-154357-12126-2/4?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\begbnpffhnpedhocnobliippgejhjpfp deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Melissa\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: @oem9.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing) O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: Update service - Company - C:\Program Files (x86)\Popcorn Time\Updater.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Melissa\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Melissa\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=312 folders=70 14258415 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Melissa\AppData\Local\Temp will be emptied at reboot C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Melissa\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on wo 01-10-2014 at 12:40:53,29 ======================