Zoek.exe v5.0.0.0 Updated 08-December-2014 Tool run by anne on di 09/12/2014 at 18:28:16,51. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\anne\Desktop\zoek.exe.com [Scan all users] [Script inserted] ==== System Restore Info ====================== 9/12/2014 18:29:32 Zoek.exe System Restore Point Created Succesfully. ==== Torpig Check ====================== HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-300720333-2153760283-3491995548-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1AC92296-D72B-4066-B2A2-296FAE70B916} deleted successfully HKEY_USERS\S-1-5-21-300720333-2153760283-3491995548-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93B8E514-C169-405B-BCB6-D3088C4BF9F6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} deleted successfully HKEY_CLASSES_ROOT\CLSID\{31264A33-A653-46C4-AF49-1232C59A7DA5} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{31264A33-A653-46C4-AF49-1232C59A7DA5} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Adobe Flash Player 15 Plugin Adobe Reader XI (11.0.09) - Nederlands Ashampoo AppLauncher (Medion) v.1.0.0 BS.Player FREE CyberLink Home Cinema 10 CyberLink LabelPrint 2.5 CyberLink MediaEspresso 6.5 CyberLink PhotoDirector 4 CyberLink Power2Go 8 CyberLink PowerDirector 11 CyberLink PowerDVD 10 CyberLink PowerDVD Copy 1.5 CyberLink PowerRecover CyberLink YouCam 5 D3DX10 Dolby Digital Plus Home Theater Fotogalerie Fotogalerija Fotótár Galerie de photos Intel(R) PRO/Wireless 
Driver Intel(R) Processor Graphics Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed Intel(R) Trusted Execution Engine Intel(R) Trusted Execution Engine Driver Intel(R) Virtual Buttons Intel(R) Wireless Bluetooth(R)(patch version 17.0.1427.2) Intel® PROSet/Wireless Software Intel® PROSet/Wireless WiFi Software Java 8 Update 25 Java Auto Updater McAfee LiveSafe - Internet Security McAfee Security Scan Plus McAfee SiteAdvisor Microsoft Application Error Reporting Microsoft Office 365 - nl-nl Microsoft OneDrive Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Movie Maker Mozilla Firefox 33.1 (x86 nl) Mozilla Maintenance Service MSVCRT MSVCRT110 MSVCRT110_amd64 NXP NXPNFCDriver 1.4.7.2 Office 15 Click-to-Run Extensibility Component Office 15 Click-to-Run Licensing Component Office 15 Click-to-Run Localization Component PDF Writer for Windows 8 PHotkey Photo Common Photo Gallery Raccolta foto Realtek Card Reader Realtek High Definition Audio Driver Speccy Windows Live Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe C:\Program Files (x86)\PHotkey\PHotkey.exe 
C:\Program Files (x86)\PHotkey\MsgTranAgt.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Program Files (x86)\PHotkey\GPMTray.exe C:\Program Files (x86)\PHotkey\KeyboardMonitorTool.exe C:\Program Files (x86)\PHotkey\Dolbyosd.exe C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe c:\PROGRA~2\mcafee\SITEAD~1\saui.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\anne\AppData\Roaming\Mozilla\Firefox\Profiles\rhow4nuq.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20140912_1852_.backup ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\default-search.xml deleted C:\PROGRA~3\Package Cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted C:\Users\anne\Downloads\bsplayer267.1076(1).exe deleted C:\Users\anne\Downloads\bsplayer267.1076.exe deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\BS_Player_ControlBar_B deleted C:\Users\anne\AppData\Roaming\Mozilla\Firefox\Profiles\rhow4nuq.default\CT3329621 deleted C:\Users\anne\AppData\Roaming\Mozilla\Firefox\Profiles\rhow4nuq.default\extensions\abs@avira.com deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 3987 MB CPU Info: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz CPU Speed: 2208,5 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: Intel(R) HD Graphics | Intel(R) 
HD Graphics Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1536 X 864 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Bluetooth Device (Personal Area Network) | Intel(R) Dual Band Wireless-AC 3160 CD / DVD Drives: No optical drives found. Ports: COM2 LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 56,5GB | D: 405,8GB | E: 60,0GB Hard Disks - Free: C: 18,0GB | D: 405,6GB | E: 43,6GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | | MEDION - 1072009 Time Zone: Romance (standaardtijd) Motherboard *: Medion Akoya S6214T Country: België Language: NLB ==== System Specs (Software) ====================== Anti-Virus: McAfee Antivirus en antispyware On-access scanning disabled (Outdated) Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Spyware: McAfee Antivirus en antispyware disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Firewall: McAfee Firewall disabled Default Browser: Firefox 33.1 Internet Explorer Version: 11.0.9600.17416 Mozilla Firefox version: 33.1 (x86 nl) Adobe Reader version: 11.0.9.29 Sun Java version: 1.8.0_25 (32-bit) Sun Java version: 1.8.0_25 (64-bit) Flash Player version: 15.0.0.246 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-11-10 16:06:30 ACDBE1ED38167C8B01B8F63161BB2CEA 2374784 ----a-w- C:\Windows\explorer.exe ====== C:\Users\anne\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-12-07 19:35:46 A042349B7208BF8BED858B1E9B48B06D 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2014-11-14 15:30:25 6D2EE96150E35B9EA49F2B481DE0369A 177472 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2014-11-14 15:30:25 4E1207CE16E615B0B7A70DC889F4500E 563976 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2014-11-14 
15:30:23 9F08A6608F98B5407E7DDBCF306573EF 27456 ----a-w- C:\Windows\Sysnative\drivers\rdpvideominiport.sys 2014-11-14 15:27:43 DE8D12B4C3F55FA2C5E9774314F6C58A 258368 ----a-w- C:\Windows\Sysnative\drivers\WdFilter.sys 2014-11-14 15:27:42 4AD874CDC812EC156265E451B6B09DAB 114496 ----a-w- C:\Windows\Sysnative\drivers\WdNisDrv.sys 2014-11-14 15:27:41 0359607177E5E9F6041136CC0A5CB0B6 35320 ----a-w- C:\Windows\Sysnative\drivers\WdBoot.sys 2014-11-14 15:26:13 CCB3A2BB60FE5073F2DEA63FE83CF8FE 2497344 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2014-11-14 15:26:05 E3FCE2A6B3533D99A3B498504DF9CC47 474432 ----a-w- C:\Windows\Sysnative\drivers\netio.sys 2014-11-14 15:25:55 66732C13628BDB1AB0D6FD46027327C2 148800 ----a-w- C:\Windows\Sysnative\drivers\USBSTOR.SYS 2014-11-14 15:25:53 7F23E38C5B6448F91439E4066645191E 428864 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS 2014-11-11 08:15:41 29F981739E50305128022CBE10B3659C 197704 ----a-w- C:\Windows\Sysnative\drivers\HipShieldK.sys 2014-11-10 18:44:42 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_LocationProvider_01_11_00.Wdf 2014-11-10 18:10:02 6416E79A58A8FCC33A447A4DDDD3BF04 412160 ----a-w- C:\Windows\Sysnative\drivers\srv.sys 2014-11-10 18:10:00 5BED3AB69797C8786EF70AEA8C33748B 674816 ----a-w- C:\Windows\Sysnative\drivers\srv2.sys 2014-11-10 18:10:00 038C77D577900EE39410662478BB0D50 2009920 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys 2014-11-10 18:09:58 FF78D053A05E5A394F4E3C1816CC65A8 143680 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys 2014-11-10 18:09:58 64CA2B4A49A8EAF495E435623ECCE7DB 310080 ----a-w- C:\Windows\Sysnative\drivers\volsnap.sys 2014-11-10 18:09:58 240C5C3793206725AA05665851E8C214 412992 ----a-w- C:\Windows\Sysnative\drivers\spaceport.sys 2014-11-10 18:09:55 D047CD668E6277FD80F0C613946F034C 246272 ----a-w- C:\Windows\Sysnative\drivers\srvnet.sys 2014-11-10 18:09:55 26ACA481FAFEC59FE311D719E3027BBA 446976 ----a-w- C:\Windows\Sysnative\drivers\nwifi.sys 
2014-11-10 18:09:54 FEF0BC107812B36849741C3211BA6B60 419648 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys 2014-11-10 18:09:52 9C096BF5E10CA8BFA56F32522A89FAF1 79872 ----a-w- C:\Windows\Sysnative\drivers\IPMIDrv.sys 2014-11-10 18:09:51 E4B4BE2D7750849C07589DA0B0AABA01 1118040 ----a-w- C:\Windows\Sysnative\drivers\ndis.sys 2014-11-10 18:09:51 D4B7ED39C7900384D9E5C1283F1E7926 76800 ----a-w- C:\Windows\Sysnative\drivers\hdaudbus.sys 2014-11-10 18:09:51 C910E5D18958914A66F0E45689D0B40A 206848 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2014-11-10 18:09:51 B1AA3B19A2E596A59224F893E01A5A75 126464 ----a-w- C:\Windows\Sysnative\drivers\NdisImPlatform.sys 2014-11-10 18:09:47 91ED124E261EA8FAA1C0FFDF2A71B0C4 280384 ----a-w- C:\Windows\Sysnative\drivers\pci.sys 2014-11-10 18:09:46 1DD05F4857C2188744B9E864658949DD 295424 ----a-w- C:\Windows\Sysnative\drivers\ks.sys 2014-11-10 18:09:34 25BB93167DEF270188072603F92A1EF5 118272 ----a-w- C:\Windows\Sysnative\drivers\bthpan.sys 2014-11-10 16:14:17 97B9076611291AE4C4C107BC915BD026 1200640 ----a-w- C:\Windows\Sysnative\drivers\bthport.sys 2014-11-10 16:14:17 65392F3F3F65E4C6CC82A0F4F8A0B051 468288 ----a-w- C:\Windows\Sysnative\drivers\USBHUB3.SYS 2014-11-10 16:14:16 E0927EFA25D473367C3341B9F5969779 115712 ----a-w- C:\Windows\Sysnative\drivers\bridge.sys 2014-11-10 16:06:13 8DF1254093B5C354CE725EB6B9B0DE19 146752 ----a-w- C:\Windows\Sysnative\drivers\msgpioclx.sys 2014-11-10 15:59:03 313DCE665B57000B18CB26C6B6A10DFE 1557848 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys ====== C:\Windows\Tasks ====== 2014-11-10 19:11:34 FF0BD9303F59B02EF3D68F5DF666B7FC 940 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-10 19:11:34 B92F153EE721E79BD26A397896294905 3828 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater 2014-11-10 15:27:38 84A23F834A40AC35CB19E3A46D53AD16 5060 ----a-w- C:\Windows\Sysnative\Tasks\Microsoft Office 15 Sync Maintenance for Dries-Anne-1-anne Dries-Anne-1 2014-11-10 15:27:33 
183FB90AFE9FEF0C00897DE5A34E11DE 3102 ----a-w- C:\Windows\Sysnative\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-300720333-2153760283-3491995548-1001 2014-11-10 15:19:26 F5FF9BAE8625786475534EE4C137DD7A 3970 ----a-w- C:\Windows\Sysnative\Tasks\User_Feed_Synchronization-{9CDB10DD-2446-4D32-B2E4-CC78C6F73126} 2014-11-10 15:12:09 894EA0DE17ABCB7B5C490C62D511DF3E 3596 ----a-w- C:\Windows\Sysnative\Tasks\Optimize Start Menu Cache Files-S-1-5-21-300720333-2153760283-3491995548-1001 ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-12-07 19:53:41 -------- d-----w- C:\Program Files\trend micro 2014-12-07 19:41:08 -------- d-----w- C:\Program Files\Speccy 2014-11-10 17:23:45 -------- d-----w- C:\Program Files\PDF Writer for Windows 8 2014-11-10 15:20:54 -------- d-----w- C:\Program Files\Microsoft Office 15 ======= C:\PROGRA~2 ===== 2014-12-07 19:35:47 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2014-12-07 19:35:18 -------- d-----w- C:\PROGRA~2\Java 2014-11-10 17:55:09 -------- d-----w- C:\PROGRA~2\Webteh 2014-11-10 16:16:37 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service 2014-11-10 16:14:25 -------- d-----w- C:\PROGRA~2\COMMON~1\Adobe 2014-11-10 16:14:25 -------- d-----w- C:\PROGRA~2\Adobe 2014-11-10 15:26:15 -------- d-----w- C:\PROGRA~2\COMMON~1\DESIGNER ======= C: ===== 2014-12-07 19:45:03 8D987BE841B404B83E6CE18C33C44C88 55 ----a-w- C:\AdwCleanerDebug.txt ====== C:\Users\anne\AppData\Roaming ====== 2014-12-07 19:34:22 -------- d-----w- C:\Users\anne\AppData\Locallow\Sun 2014-11-28 15:53:24 -------- d-----w- C:\Users\anne\AppData\Locallow\Adobe 2014-11-19 19:03:24 -------- d-sh--w- C:\Users\anne\AppData\Local\EmieBrowserModeList 2014-11-19 19:02:37 -------- d-sh--w- C:\Users\anne\AppData\Locallow\EmieBrowserModeList 2014-11-18 18:24:07 -------- d-----w- C:\Users\anne\AppData\Local\ElevatedDiagnostics 2014-11-18 18:20:23 -------- d-----w- C:\Users\anne\AppData\Local\Diagnostics 2014-11-10 18:44:45 -------- d-s---w- 
C:\Windows\serviceprofiles\Localservice\AppData\Locallow\Microsoft 2014-11-10 18:13:18 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\AviraSpeedup 2014-11-10 17:57:42 -------- d-----w- C:\Users\anne\AppData\Roaming\CyberLink 2014-11-10 17:55:11 -------- d-----w- C:\Users\anne\AppData\Roaming\BSplayer Pro 2014-11-10 17:55:11 -------- d-----w- C:\Users\anne\AppData\Roaming\BSplayer 2014-11-10 17:41:12 -------- d-s---w- C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\Microsoft 2014-11-10 16:16:44 -------- d-----w- C:\Users\anne\AppData\Roaming\Mozilla 2014-11-10 16:16:44 -------- d-----w- C:\Users\anne\AppData\Local\Mozilla 2014-11-10 16:11:40 -------- d-----w- C:\Users\anne\AppData\Local\Adobe 2014-11-10 15:19:24 -------- d-sh--w- C:\Users\anne\AppData\Locallow\EmieUserList 2014-11-10 15:19:24 -------- d-sh--w- C:\Users\anne\AppData\Local\EmieUserList 2014-11-10 15:19:24 -------- d-sh--w- C:\Users\anne\AppData\Local\EmieSiteList 2014-11-10 15:19:19 -------- d-sh--w- C:\Users\anne\AppData\Locallow\EmieSiteList 2014-11-10 15:11:20 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\PnrpSqm 2014-11-10 15:09:19 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking 2014-11-10 15:08:19 -------- d-----w- C:\Users\anne\AppData\Local\CyberLink 2014-11-10 15:07:37 -------- d-----w- C:\Users\anne\AppData\Local\Power2Go8 2014-11-10 15:06:31 -------- d-----r- C:\Users\anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-11-10 15:06:31 -------- d-----r- C:\Users\anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-11-10 15:06:23 -------- d-----w- C:\Users\anne\AppData\Roaming\Adobe 2014-11-10 15:06:22 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft 2014-11-10 15:06:22 -------- d-----w- C:\Users\anne\AppData\Local\VirtualStore 2014-11-10 15:06:09 -------- d-----w- C:\Users\anne\AppData\Local\Packages 
2014-11-10 15:06:08 -------- d-s---w- C:\Windows\serviceprofiles\networkservice\AppData\Locallow\Microsoft 2014-11-10 15:05:47 -------- d-----w- C:\Users\anne\AppData\Roaming\Intel 2014-11-10 15:05:29 -------- d-s---w- C:\Users\anne\AppData\Locallow\Microsoft 2014-11-10 15:05:28 -------- d-s---w- C:\Users\anne\AppData\Roaming\Microsoft 2014-11-10 15:05:28 -------- d-----w- C:\Users\anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-11-10 15:05:28 -------- d-----w- C:\Users\anne\AppData\Local\Temp 2014-11-10 15:05:28 -------- d-----w- C:\Users\anne\AppData\Local\Microsoft 2014-11-10 15:05:28 -------- d-----r- C:\Users\anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-11-10 15:05:28 -------- d-----r- C:\Users\anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-11-10 15:05:28 -------- d-----r- C:\Users\anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-11-10 14:57:28 -------- d-s---w- C:\Windows\SysNative\config\systemprofile\AppData\Locallow\Microsoft ====== C:\Users\anne ====== 2014-12-07 19:53:00 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\anne\Downloads\RSITx64.exe 2014-12-07 19:44:43 AF506E0B71016682293AC3814A7D62BA 2153472 ----a-w- C:\Users\anne\Downloads\adwcleaner_4.104.exe 2014-12-07 19:41:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy 2014-12-07 19:40:05 6DC6EBDF9391271098C40F6BA7779430 4890736 ----a-w- C:\Users\anne\Downloads\spsetup126.exe 2014-12-07 19:35:50 -------- d-----w- C:\ProgramData\Sun 2014-12-07 19:35:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-12-07 19:35:23 -------- d-----w- C:\ProgramData\Oracle 2014-12-07 19:34:15 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\anne\Desktop\jxpiinstall.exe 2014-11-10 17:58:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player 2014-11-10 17:23:48 -------- d-----w- 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Writer for Windows 8 2014-11-10 16:16:37 -------- d-----w- C:\ProgramData\Mozilla 2014-11-10 16:14:01 -------- d-----w- C:\ProgramData\Adobe 2014-11-10 15:27:22 -------- d-----w- C:\ProgramData\Microsoft OneDrive 2014-11-10 15:21:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2014-11-10 15:13:26 -------- d---a-r- C:\Users\anne\OneDrive 2014-11-10 15:06:30 -------- d-----r- C:\Users\anne\Searches 2014-11-10 15:06:30 -------- d-----r- C:\Users\anne\Contacts 2014-11-10 15:05:28 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\anne\ntuser.ini 2014-11-10 15:05:28 -------- d--h--w- C:\Users\anne\AppData 2014-11-10 15:05:28 -------- d-----w- C:\Users\anne\Roaming 2014-11-10 15:05:28 -------- d-----r- C:\Users\anne\Videos 2014-11-10 15:05:28 -------- d-----r- C:\Users\anne\Saved Games 2014-11-10 15:05:28 -------- d-----r- C:\Users\anne\Pictures 2014-11-10 15:05:28 -------- d-----r- C:\Users\anne\Music 2014-11-10 15:05:28 -------- d-----r- C:\Users\anne\Links 2014-11-10 15:05:28 -------- d-----r- C:\Users\anne\Favorites 2014-11-10 15:05:28 -------- d-----r- C:\Users\anne\Downloads 2014-11-10 15:05:28 -------- d-----r- C:\Users\anne\Documents 2014-11-10 15:05:28 -------- d-----r- C:\Users\anne\Desktop 2014-11-10 14:57:12 -------- d--h--r- C:\Users\Public\AccountPictures ====== C: exe-files == 2014-12-07 19:53:42 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\anne.exe 2014-12-07 19:53:00 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\anne\Downloads\RSITx64.exe 2014-12-07 19:44:43 AF506E0B71016682293AC3814A7D62BA 2153472 ----a-w- C:\Users\anne\Downloads\adwcleaner_4.104.exe 2014-12-07 19:40:05 6DC6EBDF9391271098C40F6BA7779430 4890736 ----a-w- C:\Users\anne\Downloads\spsetup126.exe 2014-12-07 19:35:40 AA3520FB0133A56BEE1DB34D74DBEF64 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2014-12-07 19:35:40 
75D477E868CA51EC1B09D730570F322B 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2014-12-07 19:35:40 691D49FB44EDE9788288CABE4F7E0DAF 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2014-12-07 19:35:31 E3E6B18458FFB07CB24D7A0BA77C9FDF 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\pack200.exe 2014-12-07 19:35:31 DC197DCE6325CBAC905DE0D0E3BA3E8E 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmid.exe 2014-12-07 19:35:31 A458E2535E46151690E53E2A03FAA711 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\keytool.exe 2014-12-07 19:35:31 9BFAEF308D50779F6B255CB7BA7DCA5A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\kinit.exe 2014-12-07 19:35:31 7AB1F1B3FB6C3DACA34EA2F988CDF5AC 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\orbd.exe 2014-12-07 19:35:31 75EE99C7F0038C746D82C76221ECA4EF 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\policytool.exe 2014-12-07 19:35:31 67F763B09F4BC8689E6FA9761E068D74 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\unpack200.exe 2014-12-07 19:35:31 57E1F756FAA787623DFCD2C1B2AACC68 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssvagent.exe 2014-12-07 19:35:31 4109C4DB4BD48F5BF8115C7523A6B6F8 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\klist.exe 2014-12-07 19:35:31 33D2AF53E209DA3E2BA939EB89801DC0 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmiregistry.exe 2014-12-07 19:35:31 29E65AC6AFD8A0A9CAA361FF6F7B4886 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\servertool.exe 2014-12-07 19:35:31 28FC00F89631B0F6E1E9CA386FADD566 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\tnameserv.exe 2014-12-07 19:35:31 26C7F32186B1F0364CD06EA69227A79D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ktab.exe 2014-12-07 19:35:30 BB8C890E3E6372F2720709262BD42BF4 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jabswitch.exe 2014-12-07 19:35:30 B719E0F43166037DF46B5CFBE60A5118 
15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jjs.exe 2014-12-07 19:35:30 AA3520FB0133A56BEE1DB34D74DBEF64 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java.exe 2014-12-07 19:35:30 75D477E868CA51EC1B09D730570F322B 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe 2014-12-07 19:35:30 74713E9C1B01B152DDD3A1A3519A3647 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java-rmi.exe 2014-12-07 19:35:30 70E67429D2C011FD0419AF899A8D0D70 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe 2014-12-07 19:35:30 691D49FB44EDE9788288CABE4F7E0DAF 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaws.exe 2014-12-07 19:35:30 4367C05B0CF5553E71B34F51003D0615 76200 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2launcher.exe 2014-12-07 19:34:15 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\anne\Desktop\jxpiinstall.exe 2014-12-03 06:02:39 0DE1C4B1585853A8017A2422B745C3E8 836168 ----a-w- C:\Windows\Temp\0075891417586559mcinst.exe === C: other files == 2014-12-09 17:26:21 E4D04A6AC8A6FE28693374DD13D6C0EC 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-300720333-2153760283-3491995548-1001\$IK9NS16.zip 2014-12-09 17:25:23 60061EE18124B246BA21F062357E532F 2847942 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-300720333-2153760283-3491995548-1001\$RK9NS16.zip 2014-12-07 19:35:31 CE44A9D4918DCDC7CCCF5503BF4D7A3D 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\lib\deploy\ffjcext.zip 2014-12-05 16:32:36 FBBFAC76427A8C05112F856A896EFAE9 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-300720333-2153760283-3491995548-1001\$I3USKPM.zip 2014-12-05 16:21:52 AF01E1A0CBB8A38A54EA9DE543164275 428858 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-300720333-2153760283-3491995548-1001\$R3USKPM.zip ==== Startup Registry Enabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "mcpltui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey" "CLMLServer_For_P2G8"="C:\Program Files 
(x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" "CLVirtualDrive"="C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe /R" "RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" "YouCam Service"="C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe /s" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4" "BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll,TrayApp" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/12/2014 18:43] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\DolbySelectorTask" [%ProgramFiles%\Dolby Digital Plus\ddp.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{9CDB10DD-2446-4D32-B2E4-CC78C6F73126}" [C:\Windows\system32\msfeedssync.exe] ==== Folders in C:\PROGRA~3 0-6 Months Old ====================== 2014-07-09 11:37:38 -------- d-----w- C:\PROGRA~3\CyberLink 2014-07-09 11:37:39 -------- d-----w- C:\PROGRA~3\CLSK 2014-07-09 11:38:51 -------- d-----w- C:\PROGRA~3\install_clap 2014-08-08 03:32:12 -------- d-----w- C:\PROGRA~3\Intel 2014-08-08 03:51:39 -------- d-----w- C:\PROGRA~3\Intel.sav 2014-08-08 03:52:00 -------- d-----w- C:\PROGRA~3\Roaming 2014-08-08 05:54:25 -------- d-----w- 
C:\PROGRA~3\Medion 2014-11-10 15:27:22 -------- d-----w- C:\PROGRA~3\Microsoft OneDrive 2014-11-10 16:14:01 -------- d-----w- C:\PROGRA~3\Adobe 2014-11-10 16:16:37 -------- d-----w- C:\PROGRA~3\Mozilla 2014-11-10 19:11:38 -------- d-----w- C:\PROGRA~3\McAfee Security Scan 2014-12-07 19:35:23 -------- d-----w- C:\PROGRA~3\Oracle 2014-12-07 19:35:50 -------- d-----w- C:\PROGRA~3\Sun ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [21/11/2014 16:37] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04/04/2014 11:36] ==== Firefox Extensions ====================== ProfilePath: C:\Users\anne\AppData\Roaming\Mozilla\Firefox\Profiles\rhow4nuq.default - McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor - Undetermined - {4ED1F68A-5463-4931-9384-8FFF5ED91D92} - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\anne\AppData\Roaming\Mozilla\Firefox\Profiles\rhow4nuq.default 18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013 ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bopakagnckmlgajfccecajhnimjiiedh - No path found[] fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[30/10/2014 14:36] flliilndjeohchalpbbcdekjklbdgfkk - No path found[] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start 
Page"="https://www.google.be/?gws_rd=ssl" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/?gws_rd=ssl" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {AB94D54B-6ABC-4763-B0A7-E978FE8ECBDF} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB" ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files 
(x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-154558-44482-6/4 (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-154558-44482-6/4 (file missing) (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CyberLink PowerDVD 10 MS Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
O23 - Service: CyberLink PowerDVD 10 MS Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PGFNEX Service (PGFNEXSrv) - Unknown owner - C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\anne\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\anne\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\anne\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\anne\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================
C:\Users\anne\AppData\Local\Mozilla\Firefox\Profiles\rhow4nuq.default\cache2 emptied successfully

==== Empty Chrome Cache ======================
No Chrome User Data found

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=132 folders=36 109250176 bytes)

==== Empty Temp Folders ======================
C:\Users\anne\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\anne\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on di 09/12/2014 at 19:04:47,14 ======================