Zoek.exe v5.0.0.0 Updated 08-December-2014
Tool run by julian on wo 10-12-2014 at 16:40:44,72.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\julian\Desktop\zoek.exe.scr
[Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-12-09-152609.log 89715 bytes

==== Empty Folders Check ======================

C:\Users\Administrator\AppData\Local\Comodo deleted successfully
C:\Users\Gast\AppData\Local\Comodo deleted successfully
C:\Users\Gast\AppData\Local\Google deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google deleted successfully
C:\Users\julian\AppData\Local\Comodo deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Windows\system32\hasplms.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
C:\Windows\system32\PnkBstrA.exe
C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
D:\dead island\Steam.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Users\julian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Users\julian\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files (x86)\Gyazo\GyStation.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\julian\AppData\Roaming\Spotify\spotify.exe
C:\Users\julian\AppData\Roaming\Curse Client\Bin\Curse.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Users\julian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\julian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\julian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\julian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\julian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
D:\dead island\bin\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClient.exe
C:\Program Files (x86)\CEVO\CSGO Client Beta\Celavimus.Browser.Sandbox.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Popcorn Time deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time deleted
"C:\Users\Public\Desktop\Popcorn Time.lnk" deleted
"C:\Windows\Installer\303f2.msi" deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 16340 MB
CPU Info: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
CPU Speed: 3500,6 MHz
Sound Card: Speakers (Realtek High Definiti | 1 - PL2377 (AMD High Definition | Realtek Digital Output (Realtek | Realtek Digital Output(Optical) |
Display Adapters: AMD Radeon HD 7800 Series | AMD Radeon HD 7800 Series | AMD Radeon HD 7800 Series | AMD Radeon HD 7800 Series | AMD Radeon HD 7800 Series | AMD Radeon HD 7800 Series | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 2x; Algemeen PnP-beeldscherm | Algemeen PnP-beeldscherm |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Anchorfree HSS VPN Adapter #2 | Anchorfree HSS VPN Adapter | Realtek PCIe GBE Family Controller
CD / DVD Drives: 1x (F: | ) F: Optiarc DVD RW AD-5280S
Ports: COM1 LPT Port NOT Present.
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C: 104,8GB | D: 931,5GB | E: 14,5GB | Q: 0,0MB
Hard Disks - Free: C: 6,3GB | D: 638,6GB | E: 8,2GB | Q: 0,0MB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 02/16/12 | ALASKA - 1072009
Time Zone: West-Europa (standaardtijd)
Motherboard *: ASUSTeK COMPUTER INC. P8Z77-M PRO
Country: Nederland
Language: NLD

==== System Specs (Software) ======================

Anti-Virus: McAfee Antivirus en antispyware On-access scanning disabled (Outdated)
Anti-Spyware: McAfee Antivirus en antispyware disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Firewall: McAfee Firewall disabled
Default Browser: Google Chrome 39.0.2171.71
Internet Explorer Version: 11.0.9600.17420
Mozilla Firefox version: 33.1 (x86 nl)
Google Chrome version: 39.0.2171.71
Adobe Reader version: 11.0.0.379
Sun Java version: 1.8.0_25 (32-bit)
Sun Java version: 1.8.0_25 (64-bit)
Flash Player version: 15.0.0.246

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\julian\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2014-11-12 10:00:53 41774FF331F609EF442B7398EE6202B1 155064 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\julian\AppData\Roaming ======
2014-12-09 15:24:09 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2014-12-09 15:24:09 -------- d-----w- C:\Users\julian\AppData\Local\Temp
2014-12-09 15:24:09 -------- d-----w- C:\Users\Default\AppData\Local\Temp
2014-12-09 15:24:09 -------- d-----w- C:\Users\Default User\AppData\Local\Temp
====== C:\Users\julian ======
2014-12-08 16:42:50 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\julian\Downloads\RSITx64 (1).exe
2014-12-08 16:41:56 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\julian\Downloads\RSITx64.exe
====== C: exe-files ==
2014-12-10 15:31:31 450BDEE760894CE151404E41819E964F 1097808 ----a-w- C:\Program Files (x86)\Google\Update\Install\{3F50861A-E194-4AA6-B59F-FFF88B4B6367}\39.0.2171.95_39.0.2171.71_chrome_updater.exe
2014-12-10 15:31:31 450BDEE760894CE151404E41819E964F 1097808 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\39.0.2171.95\39.0.2171.95_39.0.2171.71_chrome_updater.exe
2014-12-10 10:12:20 0F901EE41FF20347C106D663F24931F9 679752 ----a-w- C:\Users\julian\AppData\Local\Google\Chrome\User Data\SwReporter\2.6.2\software_reporter_tool.exe
2014-12-09 15:26:59 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateSetup.exe
2014-12-09 15:26:59 5B4ED5734945619EE3BCDB9825D2F526 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe
2014-12-09 15:26:59 06036279056145E0F08FC095CB789E6A 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateBroker.exe
2014-12-09 15:26:54 F172AD4E906D97ED8F071896FC6789DC 107912 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdate.exe
2014-12-09 15:26:54 EDD3E562684CB4C50704B471BEAB1F86 114568 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateComRegisterShell64.exe
2014-12-09 15:26:54 CB8C1CC4F46FBAC78150754D77460C73 230792 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
2014-12-09 15:26:54 7161E8E31B7FD3B1CE083C2CA5FD5F44 285064 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
2014-12-09 15:26:53 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.25.11\GoogleUpdateSetup.exe
2014-12-08 16:42:50 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\julian\Downloads\RSITx64 (1).exe
2014-12-08 16:41:56 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\julian\Downloads\RSITx64.exe
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"="D:\dead island\Steam.exe -silent"
"EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart"
"Spotify Web Helper"="C:\Users\julian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"BitTorrent"="C:\Users\julian\AppData\Roaming\BitTorrent\BitTorrent.exe /MINIMIZED"
"Gadwin PrintScreen"="C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash"
"Gyazo"="C:\Program Files (x86)\Gyazo\GyStation.exe"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Spotify"="C:\Users\julian\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"AllShareAgent"="C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe"
"Razer Synapse"="C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
"DivXMediaServer"="C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe"
"mcpltui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"
"DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXBannerAdPlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXBannerAdPlugin.dll,DllRegisterServer"
"B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXAccountViewPlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXAccountViewPlugin.dll,DllRegisterServer"
"B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDCFServicesPlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDCFServicesPlugin.dll,DllRegisterServer"
"B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXLicenseWriterPlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXLicenseWriterPlugin.dll,DllRegisterServer"
"B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDownloadManagerPlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDownloadManagerPlugin.dll,DllRegisterServer"
"B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXMediaManagerPlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXMediaManagerPlugin.dll,DllRegisterServer"
"B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXMediaManagerV2Plugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXMediaManagerV2Plugin.dll,DllRegisterServer"
"B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXPlayerPlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXPlayerPlugin.dll,DllRegisterServer"
"B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXPlaybackServicesPlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXPlaybackServicesPlugin.dll,DllRegisterServer"
"B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDevicePanePlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDevicePanePlugin.dll,DllRegisterServer"
"B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXLibraryPanePlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXLibraryPanePlugin.dll,DllRegisterServer"
"B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXTicketManagerPlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXTicketManagerPlugin.dll,DllRegisterServer"
"B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDFXAudioPlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDFXAudioPlugin.dll,DllRegisterServer"
"ST Recovery Launcher"="%WINDIR%\SMINST\VistaLauncher.exe "

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"="D:\dead island\Steam.exe -silent"
"EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart"
"Spotify Web Helper"="C:\Users\julian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"BitTorrent"="C:\Users\julian\AppData\Roaming\BitTorrent\BitTorrent.exe /MINIMIZED"
"Gadwin PrintScreen"="C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash"
"Gyazo"="C:\Program Files (x86)\Gyazo\GyStation.exe"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Spotify"="C:\Users\julian\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

==== Startup Folders ======================

2014-10-22 09:02:38 1053 ----a-w- C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10-12-2014 11:53]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08-08-2014 15:34]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08-08-2014 15:34]
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cff2c634185632.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08-08-2014 15:34]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1cff2c634185632" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GyazoUpdateTaskMachine" ["C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{F937758F-92F3-48EA-9E6D-B5BFCC43B011}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\{029673D1-7AD4-4F1E-A4B9-EF9ACE288557}" [C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\LaunchPad.exe]
"C:\Windows\SysNative\tasks\{13B3863B-1477-432C-99A3-BB6F0FFA0DAA}" [C:\Program Files (x86)\Mozilla Firefox\firefox.exe]
"C:\Windows\SysNative\tasks\{1C415C97-203F-4C70-8D38-644F068AEAF4}" [C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\LaunchPad.exe]
"C:\Windows\SysNative\tasks\{1D2062FB-8D38-457C-B545-7C757BCDF582}" [C:\Users\julian\Desktop\games2\Grand Theft Auto IV full game PC + Multiplayer ^^nosTEAM^^\Grand Theft Auto IV\LaunchGTAIV.exe]
"C:\Windows\SysNative\tasks\{345D33D5-54F7-4050-8CD6-1898FDAB318B}" [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe]
"C:\Windows\SysNative\tasks\{5D4E1B59-06CF-4374-8EFE-7D5FC482D592}" [C:\Program Files (x86)\Skype\Phone\Skype.exe]
"C:\Windows\SysNative\tasks\{7FE1AA34-0B4A-4EEE-9921-8D8F7D4966E5}" [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe]
"C:\Windows\SysNative\tasks\{83A96BC4-1DE2-4C38-9E48-C4243152416B}" [C:\Program Files (x86)\Skype\Phone\Skype.exe]
"C:\Windows\SysNative\tasks\{91E752DC-09F4-43F2-A5A6-D03654C4CB12}" [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe]
"C:\Windows\SysNative\tasks\{A07D3C39-8B6E-4907-8145-1E5DA38F0D1D}" [C:\Users\julian\Desktop\games2\I Am Alive PC full game single-player ^^nosTEAM^^\I Am Alive\play-I-AM-Alive.exe]
"C:\Windows\SysNative\tasks\{A0CAF408-DF20-410F-B641-76B0FED8F827}" [C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\LaunchPad.exe]
"C:\Windows\SysNative\tasks\{B0293800-DF23-472A-A108-6EC4906342CE}" [C:\Riot Games\League of Legends\lol.launcher.exe]
"C:\Windows\SysNative\tasks\{E860B412-B717-42E4-8FB9-B68659EA4878}" [C:\Program Files (x86)\Mozilla Firefox\firefox.exe]
"C:\Windows\SysNative\tasks\{FDC3DEA1-A692-4560-874F-B8EE5E01C7AB}" [C:\Users\julian\Desktop\games2\I Am Alive PC full game single-player ^^nosTEAM^^\I Am Alive\play-I-AM-Alive.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\Norton Identity Safe\Norton Error Analyzer" [C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\SymErr.exe]
"C:\Windows\SysNative\tasks\Norton Identity Safe\Norton Error Processor" [C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\SymErr.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [20-11-2014 14:31]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\lo8rxuqr.default-1392750794102
6D657ABADF217DBB17CF0A0AF44A7E29 - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll - Nexon Game Controller

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fheoggkfdfchfphceeifdbepaooicaho - No path found[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14-07-2014 17:22]
nppllibpnmahfaklnpggkibhkapjkeob - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\Exts\Chrome.crx[31-05-2013 02:49]

Google Docs - julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Battlefield Heroes - julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh
Google Search - julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Tampermonkey - julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo
Lounge Assistant - julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\enjonnlehciedbcidabdglnnihcncbml
SiteAdvisor - julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
AdBlock - julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Skype Click to Call - julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Extended Protection - julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
Gmail - julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================

C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage deleted successfully
C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal deleted successfully
C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.selectgo00.selectgo.net_0.localstorage deleted successfully
C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.selectgo00.selectgo.net_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Search Page"="http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0613&utm_campaign=installer&utm_content=ds&from=wpm0613&uid=SAMSUNGXSSDX830XSeries_S0XYNEAC638128&ts=1402575993&type=default&q={searchTerms}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\shortcutff@gmail.com deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF268140750FF deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F86417005FF} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Popcorn Time_is1 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4EA42A62D9304AC4784BF268140750FF deleted successfully

==== HijackThis Entries ======================

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\coIEPlg.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O3 - Toolbar: Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\coIEPlg.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXBannerAdPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXBannerAdPlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXAccountViewPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXAccountViewPlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDCFServicesPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDCFServicesPlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXLicenseWriterPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXLicenseWriterPlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDownloadManagerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDownloadManagerPlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXMediaManagerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXMediaManagerPlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXMediaManagerV2Plugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXMediaManagerV2Plugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXPlayerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXPlayerPlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXPlaybackServicesPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXPlaybackServicesPlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDevicePanePlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDevicePanePlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXLibraryPanePlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXLibraryPanePlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXTicketManagerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXTicketManagerPlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDFXAudioPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDFXAudioPlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [ST Recovery Launcher] %WINDIR%\SMINST\VistaLauncher.exe
O4 - HKCU\..\Run: [Steam] "D:\dead island\Steam.exe" -silent
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\julian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\julian\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Gadwin PrintScreen] "C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe" /nosplash
O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spotify] "C:\Users\julian\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Curse.lnk = julian\AppData\Roaming\Curse Client\Bin\Curse.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000 (c2wts) - Unknown owner - C:\Program Files (x86)\Windows Identity Foundation\v3.5\c2wtshost.exe (file missing)
O23 - Service: Celavimus Client Host (celavimushost) - altPUG LLC - C:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClientHelper.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - D:\films\HiPatchService.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc.
- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. 
- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe O23 - Service: Overwolf Updater Service (OverwolfUpdaterService) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: RzKLService - Razer Inc. 
- C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 
(WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0WLD3WGU will be deleted at reboot C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6YKBN1I3 will be deleted at reboot C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\POW9FPUA will be deleted at reboot C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WX0R5GCE will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\julian\AppData\Local\Mozilla\Firefox\Profiles\lo8rxuqr.default-1392750794102\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot 
==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=4159 folders=1107 1870655973 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\julian\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\julian\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted
"C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0WLD3WGU" not found
"C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6YKBN1I3" not found
"C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\POW9FPUA" not found
"C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WX0R5GCE" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on wo 10-12-2014 at 17:06:12,15 ======================