Zoek.exe v5.0.0.0 Updated 19-November-2014 Tool run by Papa on wo 19/11/2014 at 21:33:56,56. Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\S U R F E N\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 19/11/2014 21:37:07 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\Bitdefender deleted successfully C:\Program Files\MSXML 4.0 deleted successfully C:\PROGRA~2\Oracle deleted successfully C:\PROGRA~2\PKWARE deleted successfully C:\PROGRA~2\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted successfully C:\Users\Papa\AppData\Roaming\Malwarebytes deleted successfully C:\Users\Papa\AppData\Roaming\WinRAR deleted successfully C:\Users\S U R F E N\AppData\Roaming\PKWARE deleted successfully C:\Users\Papa\AppData\Local\eSupport.com deleted successfully C:\Users\Papa\AppData\Local\VirtualStore deleted successfully C:\Users\S U R F E N\AppData\Local\GHISLER deleted successfully C:\Users\S U R F E N\AppData\Local\WEKA DVD Interface deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-913790430-1820616755-2066786237-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-00A7-7A786E7484D7} deleted successfully HKEY_USERS\S-1-5-21-913790430-1820616755-2066786237-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-00A7-7A786E7484D7} deleted successfully HKEY_USERS\S-1-5-21-913790430-1820616755-2066786237-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41564952-412D-5637-00A7-7A786E7484D7} deleted successfully HKEY_USERS\S-1-5-21-913790430-1820616755-2066786237-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41564952-412D-5637-00A7-7A786E7484D7} deleted successfully HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7} deleted successfully 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-913790430-1820616755-2066786237-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{41564952-412D-5637-00A7-7A786E7484D7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{41564952-412D-5637-00A7-7A786E7484D7} deleted successfully ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\nvvsvc.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\System32\spoolsv.exe D:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe C:\Program Files\AVG\AVG2015\avgwdsvc.exe C:\Program Files\BlueStacks\HD-LogRotatorService.exe C:\Program Files\BlueStacks\HD-UpdaterService.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\AVG\AVG2015\avgui.exe D:\Program Files\Common Files\Siemens\S7UBTOOX\S7ubTstx.exe C:\Program Files\File Association Helper\FAHWindow.exe C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe D:\Program Files\Siemens\Step7\s7bin\s7hspsvx.exe D:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe D:\Program Files\Common Files\Siemens\S7UBTOOX\S7ubtoox.exe D:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe D:\Program Files\Common Files\Siemens\Sqlany\dbsrv9.exe C:\Windows\System32\spool\drivers\w32x86\3\E_FATICEE.EXE C:\Windows\System32\spool\drivers\w32x86\3\E_FATICEE.EXE 
C:\Windows\System32\spool\drivers\w32x86\3\E_FATICEE.EXE C:\Windows\system32\ctfmon.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe D:\Program Files\Common Files\Siemens\SimNetCom\PNIOMGR.exe C:\Windows\system32\conhost.exe D:\Program Files\Common Files\Siemens\SimNetCom\pniopcac.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wuauclt.exe C:\Users\S U R F E N\Desktop\zoek.exe C:\Windows\system32\conhost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k imgsvc ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\APNMCP deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\SURFEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\i2qu5y9p.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20141911_2149_.backup ProfilePath: C:\Users\Papa\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder} prefs.js not found user.js not found ---- FireFox user.js and prefs.js backups ---- ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ApnTBMon"=- 
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon] ==== Deleting Files \ Folders ====================== C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF} not found C:\PROGRA~2\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} not found C:\0hotfix deleted C:\PROGRA~2\Rahmensetup deleted C:\user.js deleted C:\PROGRA~2\AskPartnerNetwork deleted C:\PROGRA~2\APN deleted C:\PROGRA~2\Avg_Update_0414b deleted C:\Users\S U R F E N\AppData\Local\AskPartnerNetwork deleted C:\Windows\system32\config\systemprofile\Searches deleted C:\Windows\System32\AI_RecycleBin deleted "C:\report.txt" deleted "C:\Users\Papa\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions\toolbar_AVIRA-V7@apn.ask.com.xpi" deleted "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted "C:\Program Files\AskPartnerNetwork" deleted "C:\Program Files\AskPartnerNetwork" deleted "C:\Program Files\AskPartnerNetwork\Toolbar" deleted "C:\Program Files\AskPartnerNetwork\Toolbar\Updater" deleted "C:\Program Files\AskPartnerNetwork\Toolbar" deleted "C:\Program Files\AskPartnerNetwork\Toolbar\Updater" deleted ==== System Specs ====================== Windows: Windows 7 Ultimate Edition Service Pack 1 (Build 7601) Memory (RAM): 3584 MB CPU Info: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz CPU Speed: 2563,7 MHz Sound Card: Luidsprekers (High Definition A | Digitale audio (S/PDIF) (High D | Digitale audio (S/PDIF) (High D | Display Adapters: NVIDIA GeForce 6200 LE | NVIDIA GeForce 6200 LE | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1280 X 1024 - 32 bit Network: Network Present Network Adapters: Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) CD / DVD Drives: 1x (E: | ) E: ATAPI iHAS122 Ports: COM1 LPT1 Mouse: 5 Button 
Wheel Mouse Present Hard Disks: C: 141,2GB | D: 931,5GB Hard Disks - Free: C: 32,2GB | D: 654,1GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 03/11/09 | LENOVO - 20090311 Time Zone: Romance (standaardtijd) Motherboard *: ASUSTeK Computer INC. P5KPL/EPU Country: België Language: NLB ==== System Specs (Software) ====================== Anti-Virus: AVG AntiVirus Free Edition 2015 On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG AntiVirus Free Edition 2015 disabled (Outdated) Internet Explorer Version: 11.0.9600.17420 Mozilla Firefox version: 23.0.1 (x86 nl) Google Chrome version: 38.0.2125.111 Sun Java version: 1.7.0_40 (32-bit) ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-11-10 20:37:57 2BA71C3B59449224A9E3D2A3154582F8 116672880 ----a-w- C:\Windows\MEMORY.DMP ====== C:\Users\Papa\AppData\Local\Temp ==== 2014-11-15 05:30:56 233D4CF9E355B8BC7D849D52ECA13960 1209856 ----a-w- C:\Users\Papa\AppData\Local\Temp\speccycpuid.dll ====== Java Cache ===== ====== C:\Windows\system32 ===== 2014-11-15 05:43:38 B580A6B9932669DE703001AEE66D5BB1 259584 ----a-w- C:\Windows\System32\msv1_0.dll 2014-11-15 05:43:38 9CEA80FFC617E6B6DD7B52E6225C0D38 65536 ----a-w- C:\Windows\System32\TSpkg.dll 2014-11-15 05:43:38 8FE6AB488ECDC60930CE973A7051B0D4 221184 ----a-w- C:\Windows\System32\ncrypt.dll 2014-11-15 05:43:38 8CFAEFCD7F1E004950FCAE870A501B3E 248832 ----a-w- C:\Windows\System32\schannel.dll 2014-11-15 05:43:38 8205E55DFB11809E5F2AAD1C48840535 17408 ----a-w- C:\Windows\System32\credssp.dll 2014-11-15 05:43:38 3B3B8BA16DC999EA17D075D2F1064DE4 550912 ----a-w- C:\Windows\System32\kerberos.dll 2014-11-15 05:43:38 37BC079204BF9B087D6DE6B728908B4B 172032 ----a-w- C:\Windows\System32\wdigest.dll 2014-11-15 05:43:17 CB55B9AAB060C803BE4AD229AA0FEC28 2363904 ----a-w- C:\Windows\System32\msi.dll 2014-11-15 05:43:03 B1C9CACC1E667E4C6FC0AFC15474035C 203776 ----a-w- 
C:\Windows\System32\aepdu.dll 2014-11-15 05:43:03 AB6F34F32648142224856F2159FF08BA 254464 ----a-w- C:\Windows\System32\generaltel.dll 2014-11-15 05:43:02 BC322704472B89D2C48C9B525FE7AD90 302592 ----a-w- C:\Windows\System32\aeinv.dll 2014-11-15 05:43:02 537184E7306E06BB22C5B93D2AFA4DF8 1237504 ----a-w- C:\Windows\System32\msxml3.dll 2014-11-15 05:43:02 09FA271EE1F9AD68B2D1C1C210F4B71F 2048 ----a-w- C:\Windows\System32\msxml3r.dll 2014-11-15 05:42:58 F6AF80581A85F657CFCD8ADC7ED0B3DA 2379264 ----a-w- C:\Windows\System32\win32k.sys 2014-11-15 05:42:46 0F39AC3274312EFFD03928291E8BA7CA 67584 ----a-w- C:\Windows\System32\packager.dll 2014-11-15 05:42:44 5FDBDEECA34E73325D87C5ACD16A3EEC 701440 ----a-w- C:\Windows\System32\IMJP10K.DLL 2014-11-15 05:42:40 FD79B005E849DF3D7E9B5EB7A637C528 374784 ----a-w- C:\Windows\System32\AudioEng.dll 2014-11-15 05:42:40 F4157B3CECF19B1C266C83AFF051C97A 475136 ----a-w- C:\Windows\System32\audiosrv.dll 2014-11-15 05:42:40 AA7325057A1E1CC401798C0B1238E182 195584 ----a-w- C:\Windows\System32\AudioSes.dll 2014-11-15 05:42:40 8D338464B851DDD76E2B876A3E09EB70 442880 ----a-w- C:\Windows\System32\AUDIOKSE.dll 2014-11-15 05:42:40 639B0199F4D995CD63D7328799A92B57 275968 ----a-w- C:\Windows\System32\EncDump.dll 2014-11-15 05:42:32 FCFD4F50419B4BC72E80066DA10D2E54 523776 ----a-w- C:\Windows\System32\termsrv.dll 2014-11-15 05:42:32 980EEEE8815DA7593708774D1225BD35 681984 ----a-w- C:\Windows\System32\adtschema.dll 2014-11-15 05:42:32 1D4B52E5F3FD3875A5B3B6296F2BEB11 1059840 ----a-w- C:\Windows\System32\lsasrv.dll 2014-11-15 05:42:30 9AB39ADD28C7C1A685B1EA8C6A25CF08 146432 ----a-w- C:\Windows\System32\msaudite.dll 2014-11-15 05:42:14 EDA54D2E17C0271D2CDA946ABE344110 571904 ----a-w- C:\Windows\System32\oleaut32.dll 2014-11-15 05:42:13 B6273619A3DF28F03B64E911E45A6AB2 30720 ----a-w- C:\Windows\System32\iernonce.dll 2014-11-15 05:42:13 843BD9DAF03ABB6761DEE6D155301F28 60416 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll 2014-11-15 05:42:13 
7760760CDC8BC42644A8F641BD64E496 102912 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-11-15 05:42:13 6E0CFB5D1EF8A193A77364BE460A621E 667648 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2014-11-15 05:42:13 5D5640C34C4A97467F77489DBB157568 47616 ----a-w- C:\Windows\System32\ieetwproxystub.dll 2014-11-15 05:42:13 17AF9A2CB9971C95245754BD5F8BC79C 683008 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-11-15 05:42:12 FB56C76FEA44693752BD99D7D9930ABA 341168 ----a-w- C:\Windows\System32\iedkcs32.dll 2014-11-15 05:42:12 A1A2EE55A2C69F79AED00973E604B9C4 418304 ----a-w- C:\Windows\System32\dxtmsft.dll 2014-11-15 05:42:12 8A46404AC1AEB22AA2D4C906D0FC86C2 620032 ----a-w- C:\Windows\System32\jscript9diag.dll 2014-11-15 05:42:12 6DDC0F44A70976C492CB1666BA9A7912 47104 ----a-w- C:\Windows\System32\jsproxy.dll 2014-11-15 05:42:12 5E01004CBC35A78FE2AB4016CCAD4760 708096 ----a-w- C:\Windows\System32\ieapfltr.dll 2014-11-15 05:42:12 4F8CD74CD69A94ED1A5D7E837A356F4E 115712 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-11-15 05:42:12 4772DB007FFBD4BBE3F526704BCA67FE 1310208 ----a-w- C:\Windows\System32\urlmon.dll 2014-11-15 05:42:12 26EE6C9780A8FC872C60F9E35D7EBD4B 688640 ----a-w- C:\Windows\System32\msfeeds.dll 2014-11-15 05:42:11 7748B3DDDC92C7FC11F7462DB872E8E7 2051072 ----a-w- C:\Windows\System32\inetcpl.cpl 2014-11-15 05:42:11 5972510EF1C6097D9C14C17387A5EDB2 2724864 ----a-w- C:\Windows\System32\mshtml.tlb 2014-11-15 05:42:10 E31840C3603948EDE6D9F97C617E8E0A 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll 2014-11-15 05:42:10 6DD7D61A8EF3DFEC4FAEFEB395E77424 1892864 ----a-w- C:\Windows\System32\wininet.dll 2014-11-15 05:42:10 19D68FDEE62519C5A0387EB4E88A01EF 62464 ----a-w- C:\Windows\System32\iesetup.dll 2014-11-15 05:42:10 139E85C4E5DF322AE1BF6544D8C32B0A 168960 ----a-w- C:\Windows\System32\msrating.dll 2014-11-15 05:42:09 66F4FFDBCD501260ABC198317D2B0D10 285696 ----a-w- C:\Windows\System32\dxtrans.dll 2014-11-15 05:42:08 8585BC27224F97458C186AA085B754A7 
478208 ----a-w- C:\Windows\System32\ieui.dll 2014-11-15 05:42:08 36EE0A2A981617610F921BCBB997DB06 12819456 ----a-w- C:\Windows\System32\ieframe.dll 2014-11-15 05:42:07 A6E51BDCB8F4B84E874F918F0452763D 76288 ----a-w- C:\Windows\System32\mshtmled.dll 2014-11-15 05:42:07 4169C6A6613856D69224498620F0C2B5 1155072 ----a-w- C:\Windows\System32\mshtmlmedia.dll 2014-11-15 05:42:06 FA310BD4A5DE904445DDDE54C5A654F2 2277376 ----a-w- C:\Windows\System32\iertutil.dll 2014-11-15 05:42:06 755D0A90CFC4BCB178D7070B0351F0AE 64000 ----a-w- C:\Windows\System32\MshtmlDac.dll 2014-11-15 05:42:05 93074C4FA92A8399404D032F6AF72C1B 19781632 ----a-w- C:\Windows\System32\mshtml.dll 2014-11-15 05:42:04 AE39939F1E25401B9A4952A7A8D372AC 4298240 ----a-w- C:\Windows\System32\jscript9.dll 2014-11-15 05:42:04 9ED3132B7F0D36FA9911721E8B2CB968 501248 ----a-w- C:\Windows\System32\vbscript.dll ====== C:\Windows\system32\drivers ===== 2014-11-15 05:42:32 1E1845606C5A4579F7F3D95796CC1ED1 136632 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2014-11-08 16:34:03 651554E483712B708EDE864D0CA1AA73 23456 ----a-w- C:\Windows\System32\drivers\DrvAgent32.sys 2014-10-29 20:34:52 5C238CDA802ECA79D7C05EEDDEA7001B 213784 ----a-w- C:\Windows\System32\drivers\avgidsdriverx.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-11-15 04:49:20 -------- d-----w- C:\Program Files\Speccy ======= ===== 2014-11-09 04:16:18 51171817EE39650DDA558793ED622CBD 101055 ----a-w- \PAPA-PC.html 2014-11-09 04:16:08 E6CE80EE5F635B3D515EE21183E3E209 72936 ----a-w- \PAPA-PC.txt ====== C:\Users\Papa\AppData\Roaming ====== 2014-11-19 20:22:19 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\S U R F E N\AppData\Local\{FA965DF5-01ED-4D6D-8775-972400E4FFED} 2014-11-15 12:21:42 -------- d-sh--w- C:\Users\S U R F E N\AppData\Local\EmieBrowserModeList 2014-11-15 09:11:54 -------- d-sh--w- C:\Users\S U R F E N\AppData\Locallow\EmieBrowserModeList 2014-11-15 06:14:48 -------- d-----w- 
C:\Windows\serviceprofiles\Localservice\AppData\Local\PnrpSqm 2014-11-15 04:49:31 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking 2014-11-09 04:59:18 -------- d-sh--w- C:\Users\Papa\AppData\Local\EmieUserList 2014-11-09 04:59:18 -------- d-sh--w- C:\Users\Papa\AppData\Local\EmieSiteList ====== C:\Users\Papa ====== 2014-11-19 20:31:36 -------- d-----w- C:\ProgramData\Trend Micro 2014-11-19 01:59:21 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\S U R F E N\Downloads\RSIT.exe 2014-11-18 20:03:52 33398D340008A0577507FCA7FD443622 19828376 ----a-w- C:\Users\S U R F E N\Desktop\mbam-setup-2.0.3.1025.exe 2014-11-15 04:49:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy ====== C: exe-files == 2014-11-19 02:00:01 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\Trend Micro\Papa.exe 2014-11-19 01:59:21 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\S U R F E N\Downloads\RSIT.exe 2014-11-18 20:03:52 33398D340008A0577507FCA7FD443622 19828376 ----a-w- C:\Users\S U R F E N\Desktop\mbam-setup-2.0.3.1025.exe 2014-11-17 19:26:27 D6A719D22E180FC1AAC49D3B8B7EE1E7 216064 ----a-w- C:\0\CPUTEMP\RealTemp.exe 2014-11-17 19:26:27 65A2C5F28207F5CB52D048BB5AE3F3B4 220160 ----a-w- C:\0\CPUTEMP\RealTempGT.exe 2014-11-17 19:26:26 A488752B6D5C1C0CAD74F9B39A144D0A 31744 ----a-w- C:\0\CPUTEMP\LoadTester.exe 2014-11-17 19:26:26 48E61F94BEB8B46A906AD7E95B38E73F 56320 ----a-w- C:\0\CPUTEMP\i7TurboGT.exe 2014-11-17 19:26:18 D6A719D22E180FC1AAC49D3B8B7EE1E7 216064 ----a-w- C:\Users\S U R F E N\Downloads\RealTemp_370\RealTemp.exe 2014-11-17 19:26:18 A488752B6D5C1C0CAD74F9B39A144D0A 31744 ----a-w- C:\Users\S U R F E N\Downloads\RealTemp_370\LoadTester.exe 2014-11-17 19:26:18 65A2C5F28207F5CB52D048BB5AE3F3B4 220160 ----a-w- C:\Users\S U R F E N\Downloads\RealTemp_370\RealTempGT.exe 2014-11-17 19:26:18 48E61F94BEB8B46A906AD7E95B38E73F 56320 ----a-w- C:\Users\S U R F E 
N\Downloads\RealTemp_370\i7TurboGT.exe 2014-11-17 18:53:04 5B4ED5734945619EE3BCDB9825D2F526 51080 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe 2014-11-17 18:53:04 06036279056145E0F08FC095CB789E6A 51080 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleUpdateBroker.exe 2014-11-17 18:52:59 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Program Files\Google\Update\1.3.25.11\GoogleUpdateSetup.exe 2014-11-17 18:52:34 EDD3E562684CB4C50704B471BEAB1F86 114568 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleUpdateComRegisterShell64.exe 2014-11-17 18:52:27 CB8C1CC4F46FBAC78150754D77460C73 230792 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe 2014-11-17 18:52:27 7161E8E31B7FD3B1CE083C2CA5FD5F44 285064 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler64.exe 2014-11-17 18:52:20 F172AD4E906D97ED8F071896FC6789DC 107912 ----atw- C:\Program Files\Google\Update\1.3.25.11\GoogleUpdate.exe 2014-11-17 18:52:19 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.25.11\GoogleUpdateSetup.exe 2014-11-15 05:43:02 94972E1B98CA7277C41CD3579509C014 138912 ----a-w- C:\Windows\System32\CompatTel\QueryAppBlock.exe 2014-11-15 05:43:02 5EDB363A2B6FC9899116656337F84463 42664 ----a-w- C:\Windows\System32\CompatTel\wicainventory.exe 2014-11-15 05:42:44 7EEB4D2A17421D337F970FB5C3B24410 106496 ----a-w- C:\Windows\System32\IME\IMEJP10\imjpuexc.exe 2014-11-15 05:42:13 7760760CDC8BC42644A8F641BD64E496 102912 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-11-15 05:42:13 6E0CFB5D1EF8A193A77364BE460A621E 667648 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2014-11-15 05:42:13 17AF9A2CB9971C95245754BD5F8BC79C 683008 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-11-15 05:42:12 B569522A58F9B53B20D16516D26E0DD8 221184 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2014-11-15 05:42:12 
4F8CD74CD69A94ED1A5D7E837A356F4E 115712 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-11-15 05:42:11 B5724D61C7CB3FC9BACD9F8E58A77A03 468992 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-11-15 05:42:10 591C6FD1541BAFAEEE82B1F5831C8532 815280 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-11-15 04:48:50 6DC6EBDF9391271098C40F6BA7779430 4890736 ----a-w- C:\Users\S U R F E N\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\39KR7CIC\spsetup126.exe 2014-11-15 04:36:37 F5990EFEDD846FF03771E95E3F241483 6122736 ----a-w- C:\Program Files\AVG\AVG2015\avgmfapx.exe 2014-11-15 04:36:37 91F861349A9B579667F6A050B56BA6A7 15888 ----a-w- C:\Program Files\AVG\AVG2015\avgrdtestx.exe 2014-11-15 04:36:37 04202D3E38016AFB4367FFFCDD20C27F 62992 ----a-w- C:\Program Files\AVG\AVG2015\avguirux.exe === C: other files == 2014-11-17 19:26:27 D41751F0C2A76575363D0AE048400953 53 ----a-w- C:\0\CPUTEMP\RTShutDown.bat 2014-11-17 19:26:27 845AF1BA23C8D5E64DEF61BCC441604C 14416 ----a-w- C:\0\CPUTEMP\WinRing0.sys 2014-11-17 19:26:27 0C0195C48B6B8582FA6F6373032118DA 14544 ----a-w- C:\0\CPUTEMP\WinRing0x64.sys 2014-11-17 19:26:18 D41751F0C2A76575363D0AE048400953 53 ----a-w- C:\Users\S U R F E N\Downloads\RealTemp_370\RTShutDown.bat 2014-11-17 19:26:18 845AF1BA23C8D5E64DEF61BCC441604C 14416 ----a-w- C:\Users\S U R F E N\Downloads\RealTemp_370\WinRing0.sys 2014-11-17 19:26:18 0C0195C48B6B8582FA6F6373032118DA 14544 ----a-w- C:\Users\S U R F E N\Downloads\RealTemp_370\WinRing0x64.sys 2014-11-17 19:25:02 EEFFC3332C14D37B3D09C0F79607CC08 330853 ----a-w- C:\Users\S U R F E N\Downloads\RealTemp_370.zip 2014-11-15 05:42:58 F6AF80581A85F657CFCD8ADC7ED0B3DA 2379264 ----a-w- C:\Windows\System32\win32k.sys 2014-11-15 05:42:32 1E1845606C5A4579F7F3D95796CC1ED1 136632 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] 
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-913790430-1820616755-2066786237-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Speccy"="C:\Program Files\Speccy\Speccy.exe /totray" [HKEY_USERS\S-1-5-21-913790430-1820616755-2066786237-1001\Software\Microsoft\Windows\CurrentVersion\Run] "EPSON Stylus DX8400 Series"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU C:\Windows\TEMP\E_S8962.tmp /EF HKCU" "EPSON Stylus DX8400 Series (Kopie 1)"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU C:\Windows\TEMP\E_S8C3F.tmp /EF HKCU" "EPSON Stylus DX8400 Series (Kopie 2)"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU C:\Windows\TEMP\E_S855C.tmp /EF HKCU" [HKEY_USERS\S-1-5-21-913790430-1820616755-2066786237-1002\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-913790430-1820616755-2066786237-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVG_UI"="C:\Program Files\AVG\AVG2015\avgui.exe /TRAYONLY" "FAHConsole"="C:\Program Files\File Association 
Helper\FAHConsole.exe" "S7UB Start"="D:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe -StartDB" "BlueStacks Agent"="C:\Program Files\BlueStacks\HD-Agent.exe" "Trend Micro RUBotted V2.0 Beta"="C:\Program Files\Trend Micro\RUBotted\RUBottedGUI.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "MSPCLOCK"="rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}" "MSPQM"="rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}" "MSKSSRV"="rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}" "MSTEE.CxTransform"="rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install" "MSTEE.Splitter"="rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install" "WDM_DRMKAUD"="rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install" "Malwarebytes Anti-Malware (cleanup)"="rundll32.exe C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll,ProcessCleanupScript" "PLCSIM"="s7epatsx.exe -silent" "*WerKernelReporting"="%SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Speccy"="C:\Program Files\Speccy\Speccy.exe /totray" ==== Startup Registry Disabled ====================== 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\InstallerLauncher] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="InstallerLauncher" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Bitdefender\\SetupInformation\\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\\setuplauncher.exe\" /run:\"C:\\Program Files\\Common Files\\Bitdefender\\SetupInformation\\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\\Installer.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "Advanced SystemCare 6"="\"C:\\Program Files\\IObit\\Advanced SystemCare 6\\ASCTray.exe\" /AutoStart" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:0C:\ProgramC:Files\Google\Update\GoogleUpdate.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\ChemTable Startup Checker" ["C:\Program Files\Autorun Organizer\ChemtableStartupChecker.exe"] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] ==== Firefox Extensions ====================== ProfilePath: C:\Users\SURFEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\i2qu5y9p.default - Undetermined - C:\Program Files\IObit Apps Toolbar\FF AppDir: C:\Program Files\Mozilla 
Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions aaaaacalgebmfelllfiaoknifldpngjh - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx[] Google Docs - S U R F E N\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - S U R F E N\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - S U R F E N\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - S U R F E N\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Advanced SystemCare Surfing Protection - S U R F E N\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd Google Wallet - S U R F E N\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - S U R F E N\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://search.yahoo.com/?fr=avantsearch6" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh deleted 
successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstallerLauncher deleted successfully

==== HijackThis Entries ======================
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [FAHConsole] C:\Program Files\File Association Helper\FAHConsole.exe
O4 - HKLM\..\Run: [S7UB Start] "D:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe" -StartDB
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [Trend Micro RUBotted V2.0 Beta] C:\Program Files\Trend Micro\RUBotted\RUBottedGUI.exe
O4 - HKLM\..\RunOnce: [MSPCLOCK] rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
O4 - HKLM\..\RunOnce: [MSPQM] rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
O4 - HKLM\..\RunOnce: [MSKSSRV] rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
O4 - HKLM\..\RunOnce: [MSTEE.CxTransform] rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
O4 - HKLM\..\RunOnce: [MSTEE.Splitter] rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
O4 - HKLM\..\RunOnce: [WDM_DRMKAUD] rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
O4 - HKLM\..\RunOnce: [PLCSIM] s7epatsx.exe -silent
O4 - HKLM\..\RunOnce: [*WerKernelReporting] %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq
O4 - HKCU\..\Run: [Speccy] "C:\Program Files\Speccy\Speccy.exe" /totray
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-913790430-1820616755-2066786237-1001\..\Run: [EPSON Stylus DX8400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\Windows\TEMP\E_S8962.tmp" /EF "HKCU" (User 'S U R F E N')
O4 - HKUS\S-1-5-21-913790430-1820616755-2066786237-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-913790430-1820616755-2066786237-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Automation License Manager Service (almservice) - SIEMENS AG - D:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgwdsvc.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-UpdaterService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Trend Micro RUBotted Service (RUBotSrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe
O23 - Service: S7 HSP Service (s7hspsvx) - SIEMENS AG - D:\Program Files\Siemens\Step7\s7bin\s7hspsvx.exe
O23 - Service: SIMATIC IEPG Help Service (s7oiehsx) - SIEMENS AG - D:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
O23 - Service: S7TraceServiceX - SIEMENS AG - D:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe

==== Empty IE Cache ======================
C:\Users\Papa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\S U R F E N\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\S U R F E N\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================
C:\Users\S U R F E N\AppData\Local\Mozilla\Firefox\Profiles\i2qu5y9p.default\Cache emptied successfully

==== Empty Chrome Cache ======================
C:\Users\S U R F E N\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=321 folders=109 46908832 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Papa\AppData\Local\Temp will be emptied at reboot
C:\Users\S U R F E N\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Papa\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\Users\S U R F E N\AppData\Local\Temp\FXSAPIDebugLogFile.txt" not deleted

==== EOF on wo 19/11/2014 at 23:29:46,89 ======================