Zoek.exe v5.0.0.0 Updated 27-01-2015 Tool run by matthias on wo 28/01/2015 at 19:45:09,84. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\matthias\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 28/01/2015 19:47:00 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\R.G. Mechanics deleted successfully C:\PROGRA~2\Roxio deleted successfully C:\PROGRA~2\SaveLoets deleted successfully C:\PROGRA~2\TinyWalleet deleted successfully C:\PROGRA~3\SaveLoets deleted successfully C:\PROGRA~3\TinyWalleet deleted successfully C:\Users\matthias\AppData\Roaming\Creative deleted successfully C:\Users\matthias\AppData\Roaming\Roxio deleted successfully C:\Users\matthias\AppData\Local\Dell Edoc Viewer deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3683240426-1209236305-1723196143-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4eaa1a9d-4a92-4f00-8ed2-34510703596b} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4eaa1a9d-4a92-4f00-8ed2-34510703596b} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4eaa1a9d-4a92-4f00-8ed2-34510703596b} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{59e4edfb-7c28-411d-a145-cfcea61d0bba} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{59e4edfb-7c28-411d-a145-cfcea61d0bba} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59e4edfb-7c28-411d-a145-cfcea61d0bba} deleted successfully 
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{790456e5-0b3a-4750-a787-8d9673e69816} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{790456e5-0b3a-4750-a787-8d9673e69816} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{790456e5-0b3a-4750-a787-8d9673e69816} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{79117f2d-583b-4a59-b037-f294a03cadc5} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{79117f2d-583b-4a59-b037-f294a03cadc5} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{79117f2d-583b-4a59-b037-f294a03cadc5} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8425d56e-66b0-4061-87ad-63c8eb95a846} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8425d56e-66b0-4061-87ad-63c8eb95a846} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8425d56e-66b0-4061-87ad-63c8eb95a846} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe 
C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe C:\Program Files (x86)\Browny02\BrYNSvc.exe C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Users\matthias\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4eaa1a9d-4a92-4f00-8ed2-34510703596b}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59e4edfb-7c28-411d-a145-cfcea61d0bba}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{790456e5-0b3a-4750-a787-8d9673e69816}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{79117f2d-583b-4a59-b037-f294a03cadc5}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8425d56e-66b0-4061-87ad-63c8eb95a846}] ==== Deleting Files \ Folders ====================== C:\ProgramData\CuheApaMe not found C:\ProgramData\FunDealss not found C:\PROGRAM Files (x86)\uonissalies not found C:\Program Files (x86)\youtubeadblocker not found C:\ProgramData\DiScountExtensi not found C:\Program Files (x86)\SaveLoets not found C:\ProgramData\SaveLoets not found C:\PROGRA~2\Saving Flash deleted C:\ProgramData\emdhflphgiamjnhmaolljneabboajmca deleted C:\ProgramData\2e034dc3f04803a9 deleted C:\Program Files (x86)\DeltaFix deleted 
C:\ProgramData\floihfoihkljbgeaalmicppknfkoipdd deleted C:\ProgramData\APN deleted C:\Users\matthias\AppData\Roaming\{37E99E86-D615-4B08-937F-F8F935C455F3}_ANZHUANG deleted C:\Users\matthias\AppData\Roaming\GetRightToGo deleted C:\PROGRA~3\Package Cache deleted C:\Users\matthias\AppData\LocalLow\Protect deleted C:\windows\SysNative\drivers\Msft_Kernel_webinstrNew_01009.Wdf deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\GPT.INI deleted C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted "C:\Users\matthias\AppData\Local\{0C011CA7-2392-49B9-A79B-28CBD7A9C0B0}" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 6059 MB CPU Info: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz CPU Speed: 2000,7 MHz Sound Card: Luidsprekers (Realtek High Defi | Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | NVIDIA GeForce GT 550M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter #2 | Microsoft Virtual WiFi Miniport Adapter | Intel(R) WiFi Link 1000 BGN | Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (D: | ) D: HL-DT-STDVD+-RW GT32N Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 209,6GB | E: 14,6GB | F: 451,0GB Hard Disks - Free: C: 117,8GB | E: 6,6GB | F: 406,3GB Manufacturer *: Dell Inc. BIOS Info: AT/AT COMPATIBLE | 05/05/11 | DELL - 2 Time Zone: Romance (standaardtijd) Motherboard *: Dell Inc. 
0K4H3G Country: België Language: NLB ==== System Specs (Software) ====================== Anti-Spyware: Windows Defender disabled (Outdated) Internet Explorer Version: 11.0.9600.17501 Google Chrome version: 37.0.2062.124 Adobe Reader version: 10.1.13.16 Sun Java version: 1.8.0_31 (32-bit) Sun Java version: 1.8.0_31 (64-bit) ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2015-01-17 15:38:34 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe 2015-01-17 15:38:34 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe 2015-01-17 15:38:34 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe 2015-01-17 15:38:34 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe 2015-01-17 15:38:34 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe ====== C:\Users\matthias\AppData\Local\Temp ==== ====== Java Cache ===== 2015-01-28 18:40:57 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\matthias\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-3367b64d 2015-01-28 18:40:50 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\matthias\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-4e573526 2015-01-28 18:40:50 FD545455BE083C822D29D8A9D6674628 99 ----a-w- C:\Users\matthias\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap 2015-01-28 18:40:51 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\matthias\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-5a48146a 2015-01-28 18:42:03 30810F09A3FCC03EC583120B033700BC 282329 ----a-w- C:\Users\matthias\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\7e60542d-13fd9391 2015-01-28 18:42:02 67911F367EC150BDC8F2CB46397F0925 845 ----a-w- C:\Users\matthias\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\11dd5f3d-4e1d89e6 2015-01-28 18:42:03 67911F367EC150BDC8F2CB46397F0925 845 ----a-w- 
C:\Users\matthias\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\2bbaaf87-73c81217 2015-01-28 18:42:03 0A5B70BF842F8457A4EAB7D3CF21E057 437 ----a-w- C:\Users\matthias\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\2bbaaf87-e2e4c8970372d2fb4193a7ef29d16f6c3f08527947fcb9208b3a0e48820369fd-6.0.lap ====== C:\Windows\SysWOW64 ===== 2015-01-28 18:40:25 13D186FA6F19823C598335443CE233BC 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-01-14 21:02:25 FE48346938C1CDDDF4E4097DB9B99764 52224 ----a-w- C:\Windows\SysWOW64\nlaapi.dll 2015-01-14 21:02:25 92940397DFFB4D237EA5BB22FF912BDC 156672 ----a-w- C:\Windows\SysWOW64\ncsi.dll 2015-01-14 21:02:23 8A289EF0AE709327D6AA9769E108B5A6 3916728 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2015-01-14 21:02:23 2AF481C03C0383ADE09FFEDA0C583140 3971512 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2015-01-14 21:02:22 9606307F5E1EABA98ACB61206EFC2127 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-01-14 21:02:27 B6A58491307B4CADA572583D863DC602 210432 ----a-w- C:\Windows\Sysnative\profsvc.dll 2015-01-14 21:02:25 8B301D474B478E9A92823BAB50A7BC49 303616 ----a-w- C:\Windows\Sysnative\nlasvc.dll 2015-01-14 21:02:24 2A9C3ADBC3B9D061CACDEFFBED67683C 87040 ----a-w- C:\Windows\Sysnative\TSWbPrxy.exe 2015-01-14 21:02:23 0A70B8D78AF95894E221DDAC6482DF6D 5553592 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2015-01-14 21:02:22 F4846789B3795F14DCB7D92ED1DAF74F 503808 ----a-w- C:\Windows\Sysnative\srcore.dll 2015-01-14 21:02:22 DE595EACC79006E7B15B848BF0831E78 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe 2015-01-14 21:02:22 BA6D609BAB615991E8791CA1DFFD034C 50176 ----a-w- C:\Windows\Sysnative\srclient.dll ====== C:\Windows\Sysnative\drivers ===== 2015-01-18 16:07:47 3CB493641995951F7788378AB0B0791F 57536 ----a-w- C:\Windows\Sysnative\drivers\hcmon.sys 2015-01-16 18:51:37 AE3334958D8F631FF14A0AEB3D7EFB3A 141312 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys 
====== C:\Windows\Tasks ====== 2015-01-20 20:15:30 47BDD6556F67823D30248589CDE7AF76 3152 ----a-w- C:\Windows\Sysnative\Tasks\{1E41974E-1DCD-4B3D-BB3F-C0CA23EDA716} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-01-27 19:47:39 -------- d-----w- C:\Program Files\trend micro 2015-01-18 16:07:42 -------- d-----w- C:\Program Files\Common Files\VMware ======= C:\PROGRA~2 ===== 2015-01-28 18:40:26 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2015-01-28 18:40:09 -------- d-----w- C:\PROGRA~2\Java 2015-01-18 16:07:42 -------- d-----w- C:\PROGRA~2\COMMON~1\ThinPrint 2015-01-18 16:07:41 -------- d-----w- C:\PROGRA~2\VMware 2015-01-18 16:07:41 -------- d-----w- C:\PROGRA~2\COMMON~1\VMware 2015-01-01 10:20:10 -------- d-----w- C:\PROGRA~2\Electronic Arts ======= C: ===== ====== C:\Users\matthias\AppData\Roaming ====== 2015-01-28 18:42:08 -------- d-----w- C:\Users\matthias\AppData\Roaming\Oracle 2015-01-28 18:33:48 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Locallow\Sun 2015-01-18 16:09:01 -------- d-----w- C:\Users\matthias\AppData\Local\VMware 2015-01-18 16:07:48 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\VMware 2015-01-18 16:07:48 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\VMware 2015-01-18 16:07:41 -------- d-----w- C:\Users\matthias\AppData\Roaming\VMware 2015-01-17 15:45:17 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\temp 2015-01-17 15:45:17 -------- d-----w- C:\Users\Public\AppData\Local\temp 2015-01-17 15:45:17 -------- d-----w- C:\Users\HomeGroupUser$\AppData\Local\temp 2015-01-17 15:45:17 -------- d-----w- C:\Users\Gast\AppData\Local\temp 2015-01-17 15:45:17 -------- d-----w- C:\Users\Default\AppData\Local\temp 2015-01-17 15:45:17 -------- d-----w- C:\Users\Default User\AppData\Local\temp 2015-01-17 15:45:17 -------- d-----w- C:\Users\Administrator\AppData\Local\temp 2015-01-01 10:43:38 -------- d-----w- C:\Users\matthias\AppData\Roaming\Red Alert 3 
2015-01-01 10:38:32 -------- d--h--r- C:\Users\matthias\AppData\Roaming\SecuROM ====== C:\Users\matthias ====== 2015-01-28 18:40:16 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-01-28 18:39:26 6AF69BF32D84229FF9A8904AB8ED28D7 639400 ----a-w- C:\Users\matthias\Downloads\chromeinstall-8u31 (1).exe 2015-01-28 18:38:37 -------- d-----w- C:\ProgramData\Sun 2015-01-28 18:33:12 -------- d-----w- C:\ProgramData\Oracle 2015-01-28 18:32:12 6AF69BF32D84229FF9A8904AB8ED28D7 639400 ----a-w- C:\Users\matthias\Downloads\chromeinstall-8u31.exe 2015-01-27 19:46:29 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\matthias\Downloads\RSITx64.exe 2015-01-18 16:41:42 C228577F0219B756C773E20B5B6ECEAD 849008 ----a-w- C:\Users\matthias\Downloads\Setup.exe 2015-01-18 16:16:43 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Desktop 2015-01-18 16:07:48 -------- d-----w- C:\ProgramData\VMware 2015-01-18 16:04:52 DF0819E250CA5AF7F650BA6C5D0C0460 40858224 ----a-w- C:\Users\matthias\Downloads\VMware-Horizon-View-Client-x86_64-3.2.0-2331566.exe 2015-01-18 16:03:22 57938EFFECDF6665D9902E0A6281525A 302123 ----a-w- C:\Users\matthias\Downloads\BepaalArchitectuur.exe 2015-01-17 15:45:17 -------- d-----w- C:\Users\Public\AppData ====== C: exe-files == 2015-01-28 18:40:16 B0D46640968F989830413EB88F43E0D0 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2015-01-28 18:40:16 52C8B9FD016E6317FDB151296FF90877 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2015-01-28 18:40:16 3E72E1AB196855916E2065C604674631 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2015-01-28 18:40:12 F9D744CD9BC58F287F8FA59D32508EDD 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\orbd.exe 2015-01-28 18:40:12 F5EA785B2BCC08DC28CBC2D96E05F2C1 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe 2015-01-28 18:40:12 DF1C8EDDAF14D2960A06A9DF7B2D0A89 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\java-rmi.exe 2015-01-28 
18:40:12 DBB5C8AE19ACFA2857CFB90C7305AC56 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssvagent.exe 2015-01-28 18:40:12 DA34E76DE9CD93471F24E7BD43139958 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\kinit.exe 2015-01-28 18:40:12 CDB1FE0DCF2ADB755EBF65C8AEBBC871 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\servertool.exe 2015-01-28 18:40:12 B0D46640968F989830413EB88F43E0D0 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\java.exe 2015-01-28 18:40:12 AF82EA1498FEC5C49B8A1AE5AA0A5F6C 77224 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2launcher.exe 2015-01-28 18:40:12 A8884FB8246655C84F110E77DF5E1B4A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\ktab.exe 2015-01-28 18:40:12 90C02BD6D01BBC1C620323F9E330E89C 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\jjs.exe 2015-01-28 18:40:12 8B6DF9CD28359C5E819446FD79CE3948 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\rmiregistry.exe 2015-01-28 18:40:12 7479DA0BED071427A3F0017AC51CC27B 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\unpack200.exe 2015-01-28 18:40:12 69BD74EE834B5629226BF89468B8020B 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\keytool.exe 2015-01-28 18:40:12 5F7C51E0DCA813D647F14FC12AE675F2 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\policytool.exe 2015-01-28 18:40:12 577F5DCBA4DE4C345631873670F84E79 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\tnameserv.exe 2015-01-28 18:40:12 52C8B9FD016E6317FDB151296FF90877 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaws.exe 2015-01-28 18:40:12 3E72E1AB196855916E2065C604674631 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe 2015-01-28 18:40:12 39685FC75B6FB2144E793595F1AB111D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\pack200.exe 2015-01-28 18:40:12 2F77C9862B1A2401278C4A5B932DA69D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\klist.exe 2015-01-28 18:40:12 
0FB2ACAC796B166F6486B593B604A3FF 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\rmid.exe 2015-01-28 18:40:12 063A1044A451660B159426B9C5E75957 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\bin\jabswitch.exe 2015-01-28 18:39:26 6AF69BF32D84229FF9A8904AB8ED28D7 639400 ----a-w- C:\Users\matthias\Downloads\chromeinstall-8u31 (1).exe 2015-01-28 18:32:12 6AF69BF32D84229FF9A8904AB8ED28D7 639400 ----a-w- C:\Users\matthias\Downloads\chromeinstall-8u31.exe 2015-01-27 19:47:39 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\matthias.exe 2015-01-27 19:46:29 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\matthias\Downloads\RSITx64.exe === C: other files == 2015-01-28 18:40:12 3315140254247E248C3531F159C79109 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_31\lib\deploy\ffjcext.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-3683240426-1209236305-1723196143-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3683240426-1209236305-1723196143-1001\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-21-3683240426-1209236305-1723196143-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" "Dell DataSafe Online"="C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" "ControlCenter4"="C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun" "BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN" "BrHelp"="C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "DSUpdateLauncher"="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe /NOCONSOLE /D=C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate /RUNAS C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe" "STToasterLauncher"="C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe" "Launcher"="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\\WINDOWS\\SysWOW64\\nvinit.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 " "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "IntelWireless"="C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe /tf Intel Wireless Tray" "VMware Netlink 3 HV Install Utility"="C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnliu.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Task Scheduler Jobs ====================== C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job --a------ C:\Program Files\Dell Support Center\uaclauncher.exe [22/03/2011 18:20] C:\Windows\tasks\SystemToolsDailyTest.job --a------ C:\Program Files\Dell Support Center\pcdrcui.exe [22/03/2011 18:20] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\GarminUpdaterTask" 
[C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe] "C:\Windows\SysNative\tasks\PCDEventLauncher" ["C:\Program Files\Dell Support Center\sessionchecker.exe"] "C:\Windows\SysNative\tasks\PCDoctorBackgroundMonitorTask" [C:\Program Files\Dell Support Center\uaclauncher.exe] "C:\Windows\SysNative\tasks\SystemToolsDailyTest" [C:\Program Files\Dell Support Center\pcdrcui.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Fake Chromium Profiles Check ====================== Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\Gast\AppData\Local\Google\Chrome deleted Fake profile C:\Users\Gast\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Gast\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome deleted Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\matthias\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\matthias\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\UpdatusUser\AppData\Local\Google\Chrome deleted Fake profile C:\Users\UpdatusUser\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\UpdatusUser\AppData\Local\Comodo\Dragon deleted ==== Chromium Look ====================== Google Slides - matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - matthias\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap BrowserTexting - matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\idijdgooojpepbnadlbkiagcmilndffa Gmail - matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\matthias\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage deleted successfully C:\Users\matthias\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal deleted successfully C:\Users\matthias\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully C:\Users\matthias\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully C:\Users\matthias\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_combofix.nl.softonic.com_0.localstorage deleted successfully C:\Users\matthias\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_combofix.nl.softonic.com_0.localstorage-journal deleted successfully C:\Users\matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\idijdgooojpepbnadlbkiagcmilndffa deleted successfully C:\Users\matthias\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_idijdgooojpepbnadlbkiagcmilndffa_0.localstorage deleted successfully C:\Users\matthias\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_idijdgooojpepbnadlbkiagcmilndffa_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.mystartsearch.com/web/?type=ds&ts=1420358432&from=wpc&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF675160D&q={searchTerms}" "Default_Page_URL"="http://www.mystartsearch.com/?type=hp&ts=1420358432&from=wpc&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF675160D" "Start Page"="http://www.mystartsearch.com/?type=hp&ts=1420358432&from=wpc&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF675160D" "Search Page"="http://www.mystartsearch.com/web/?type=ds&ts=1420358432&from=wpc&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF675160D&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.mystartsearch.com/web/?type=ds&ts=1420358432&from=wpc&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF675160D&q={searchTerms}" "Default_Page_URL"="http://www.mystartsearch.com/?type=hp&ts=1420358432&from=wpc&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF675160D" "Start Page"="http://www.mystartsearch.com/?type=hp&ts=1420358432&from=wpc&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF675160D" "Search Page"="http://www.mystartsearch.com/web/?type=ds&ts=1420358432&from=wpc&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF675160D&q={searchTerms}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" 
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613} deleted successfully ==== HijackThis Entries ====================== O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe 
/AUTORUN
O4 - HKLM\..\Run: [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
O4 - HKLM\..\RunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
O4 - HKLM\..\RunOnce: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKUS\S-1-5-21-3683240426-1209236305-1723196143-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3683240426-1209236305-1723196143-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: VMware Netlink Supervisor Service (ftnlsv3hv) - Unknown owner - C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
O23 - Service: VMware Scanner Redirection Client Service (ftscanmgr) - Unknown owner - C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Dell DataSafe Online (NOBU) - Dell, Inc. - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware View USB (vmware-view-usbd) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe
O23 - Service: VMware Serial Com Redirection Client service (vmwsprrdpwks) - VMware - C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: VMware Horizon Client (wsnm) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\matthias\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\matthias\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
C:\Users\matthias\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=96 folders=40 60022536 bytes)

==== Empty Temp Folders ======================
C:\Users\Administrator\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Gast\AppData\Local\temp emptied successfully
C:\Users\HomeGroupUser$\AppData\Local\temp emptied successfully
C:\Users\matthias\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\matthias\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on wo 28/01/2015 at 20:01:43,16 ======================