Zoek.exe v5.0.0.0 Updated 04-September-2015 Tool run by Mediamarkt2 on zo 06-09-2015 at 21:06:26,97. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Mediamarkt2\Downloads\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2013-12-02-104952.log 12566 bytes ==== Torpig Check ====================== HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll ==== Empty Folders Check ====================== C:\PROGRA~2\VideoLAN deleted successfully C:\Program Files\Common Files\Autodesk Shared deleted successfully C:\Users\Mediamarkt2\AppData\Roaming\Octoshape deleted successfully C:\Users\Mediamarkt2\AppData\Local\Adobe deleted successfully C:\Users\Mediamarkt2\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\Mediamarkt2\AppData\Local\EmieSiteList deleted successfully C:\Users\Mediamarkt2\AppData\Local\EmieUserList deleted successfully C:\Users\Mediamarkt2\AppData\Local\KPN deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\20FEF217-1441560994-4ECF-20D6-28924A29A31B\jnswA0CB.tmp C:\Program Files (x86)\20FEF217-1441560994-4ECF-20D6-28924A29A31B\knsu75CD.tmpfs C:\Program Files (x86)\20FEF217-1441560994-4ECF-20D6-28924A29A31B\hnskB6E5.tmp C:\Users\Mediamarkt2\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe 
C:\Users\Mediamarkt2\AppData\Local\Akamai\netsession_win.exe C:\Users\Mediamarkt2\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files (x86)\KPN\KPN Assistent\KPN Assistent\KPN_Assistent.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Users\Mediamarkt2\Downloads\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\jimocoso deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mizodogy deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\totyseku deleted successfully ==== Deleting Files \ Folders ====================== C:\PROGRA~2\VideoLAN not found C:\Users\Mediamarkt2\AppData\Local\18911 deleted C:\task.vbs deleted C:\PROGRA~3\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat deleted C:\Users\Mediamarkt2\AppData\Local\SmartWeb deleted C:\Users\Mediamarkt2\AppData\Local\cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Users\Mediamarkt2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk deleted C:\WINDOWS\SysNative\config\systemprofile\Searches deleted C:\Users\Mediamarkt2\AppData\Roaming\mRCpPfZmKBeycO7LL.exe 
deleted "C:\Users\Mediamarkt2\AppData\Roaming\mRCpPfZmKBeycO7LL" deleted "C:\WINDOWS\tasks\mRCpPfZmKBeycO7LL.job" deleted "C:\WINDOWS\SysNative\tasks\mRCpPfZmKBeycO7LL" deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 3984 MB CPU Info: Intel(R) Core(TM) i3-2328M CPU @ 2.20GHz CPU Speed: 2219,8 MHz Sound Card: Luidsprekers (Realtek High Defi | Display Adapters: Intel(R) HD Graphics 3000 | Intel(R) HD Graphics 3000 Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Ralink RT5390R 802.11bgn Wi-Fi Adapter | Realtek PCIe FE Family-controller CD / DVD Drives: 1x (E: | ) E: hp DVD RW AD-7760H Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 450,9GB | D: 13,7GB Hard Disks - Free: C: 383,2GB | D: 1,8GB Manufacturer *: Insyde BIOS Info: AT/AT COMPATIBLE | | HPQOEM - 1 Time Zone: West-Europa (standaardtijd) Motherboard *: Hewlett-Packard 1858 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Internet Explorer Version: 11.0.9600.17937 Google Chrome version: 45.0.2454.85 Flash Player version: 18.0.0.232 Shockwave Player version: 11.6.4r634 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2015-08-12 19:04:20 FC2EA5BD5307D2CFA5AAA38E0C0DDCE9 221184 ----a-w- C:\WINDOWS\notepad.exe ====== C:\Users\MEDIAM~1\AppData\Local\Temp ==== 2015-09-06 17:52:34 C0157AD57D34D1D608ADEA523B228266 59904 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\bitool.dll 2015-09-06 17:45:25 10FFABC748D68C40B68F883058C9B932 50225 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\81441561522\Skw9LkpUSw==10700.exe 2015-09-06 17:44:55 37B9FAD70A9BE3369561205A1B59566F 943144 ------w- 
C:\Users\Mediamarkt2\AppData\Local\Temp\beebffbhca.exe 2015-09-06 17:44:52 708BEF2D55A69E71542B41F423240D5B 722696 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\mytmpinstaller.exe 2015-09-06 17:43:20 756A814E17CCBB674E9A7088D0C9CAF4 1331280 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\6580.exe 2015-09-06 17:38:53 59433FE179A54E675F2CAC141DA1731C 1957976 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\5708.exe 2015-09-06 17:37:44 A9ECA902185F41CF0FDEF207705B8C8C 155648 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\comh.423813\psuser.dll 2015-09-06 17:37:44 6D8150F091DE75D898C692C38CDA8627 761856 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\comh.423813\goopdate.dll 2015-09-06 17:37:44 613B73392333921CB5D6455F28BBB77C 155648 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\comh.423813\psmachine.dll 2015-09-06 17:37:44 2CD125CE3B6C9174B701F37E9793F354 220672 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\comh.423813\npglobalupdateUpdate4.dll 2015-09-06 17:37:43 F3E0BCAC0A50EA3B7571407A7DA325C7 32768 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\comh.423813\globalupdateHelper.msi 2015-09-06 17:37:43 8DF6560ADF608ECDCE5CAF299062A135 46080 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\comh.423813\globalupdateOnDemand.exe 2015-09-06 17:37:43 6419BCBF0B2569AACF4023942EADFCB8 46080 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\comh.423813\globalupdateBroker.exe 2015-09-06 17:37:43 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\comh.423813\globalupdateCrashHandler.exe 2015-09-06 17:37:43 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\comh.423813\globalupdate.exe 2015-09-06 17:36:24 2A5F246B97D00F77B78D15F72923839B 61981 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\Uninstall.exe 2015-09-06 17:33:36 A399C5CA3A8F348E2CB351F16C6EA38C 14205584 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\setup.exe 2015-09-06 17:33:31 307CFF85C1985F5BBE8E51F10AE2DF36 823984 ----a-w- 
C:\Users\Mediamarkt2\AppData\Local\Temp\Pokemon Yellow__15047_i1630012865_il5988.exe ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2015-09-06 17:37:42 96E65EAE79B5F04DA537F9D482E3DA4F 4 ----a-w- C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 2015-08-30 13:55:57 A98799EBA5BAABF1AB2BAFCE488FC9F9 19871232 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2015-09-05 13:36:38 FDB04D60A685E25DAEE00D1CE156C529 1406272 ----a-w- C:\WINDOWS\Sysnative\cpm.exe 2015-08-30 13:56:00 E5F2BB962F84A8F8D996FEA33F4C817B 25191936 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll ====== C:\WINDOWS\Sysnative\drivers ===== 2015-09-06 17:53:10 1194CDCD0C2287BC0D67C4574126F299 45784 ----a-w- C:\WINDOWS\Sysnative\drivers\acwfp64.sys 2015-08-12 19:06:03 9A788037D768809DFD677F4BA08A224A 101720 ----a-w- C:\WINDOWS\Sysnative\drivers\mountmgr.sys 2015-08-12 19:04:42 26B8FED3F3B85F5F0C4BD03FD00B9941 270168 ----a-w- C:\WINDOWS\Sysnative\drivers\WdFilter.sys 2015-08-12 19:04:40 CE67080F00E0AF32755096CEA6430ABA 114520 ----a-w- C:\WINDOWS\Sysnative\drivers\WdNisDrv.sys 2015-08-12 19:04:40 81285DDC994F03379DB46419300B2DCB 44560 ----a-w- C:\WINDOWS\Sysnative\drivers\WdBoot.sys 2015-08-12 19:04:28 97DC5967F65503213FD1F1B3E4A6F983 1113944 ----a-w- C:\WINDOWS\Sysnative\drivers\ndis.sys 2015-08-12 19:04:21 746DDF7D59AB8D721C88D48434597E8D 2476376 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys 2015-08-12 19:04:20 25991A1635AF725E9DC840A6A36824EC 428888 ----a-w- C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS ====== C:\WINDOWS\Tasks ====== 2015-09-06 17:37:05 2D904013362D73B9D107499C0A8FB943 3100 ----a-w- C:\WINDOWS\Sysnative\Tasks\cfr3011 ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2015-09-06 17:36:34 -------- d-----w- C:\PROGRA~2\20FEF217-1441560994-4ECF-20D6-28924A29A31B ======= C: ===== ====== C:\Users\Mediamarkt2\AppData\Roaming ====== 2015-09-06 17:39:40 -------- d-s---w- 
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Locallow\Microsoft 2015-09-06 17:33:40 -------- d-----w- C:\Users\Mediamarkt2\AppData\Local\Programs ====== C:\Users\Mediamarkt2 ====== 2015-09-06 18:33:45 2F4E1E2F3630243C76BE815FDDCBBFA8 1654272 ----a-w- C:\Users\Mediamarkt2\Downloads\adwcleaner_5.005 (1).exe 2015-09-06 18:25:12 2F4E1E2F3630243C76BE815FDDCBBFA8 1654272 ----a-w- C:\Users\Mediamarkt2\Downloads\adwcleaner_5.005.exe 2015-09-06 17:51:56 -------- d-----w- C:\ProgramData\5WdsManPro5 2015-09-06 17:36:02 -------- d-----w- C:\ProgramData\3WdsManPro3 ====== C: exe-files == 2015-09-06 19:06:12 EDDEC3E7CAD93B0F3B84F63B3193E4D6 759544 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\Q1OOI9B1\SmartWebInstaller[1].exe 2015-09-06 19:06:11 5C9336EFB1FAF577655BCD88A444C26B 165898 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\MW6SUVML\mEYhm[1].exe 2015-09-06 19:06:10 CEEA099A2589B086940EA7E1333A3AD9 40746 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\IXX1KCD7\cmmdWriter[1].exe 2015-09-06 19:06:10 2A5F246B97D00F77B78D15F72923839B 61981 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\C1NCKDME\Validate[1].exe 2015-09-06 18:15:09 2F4E1E2F3630243C76BE815FDDCBBFA8 1654272 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\C1NCKDME\adwcleaner_5.005.exe 2015-09-06 17:52:58 9889E636BF0C1D51AEB525CAD27D7F98 228296 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\MW6SUVML\VuuPC_VO2_8907[1].exe 2015-09-06 17:52:55 4C6E75F01D69B07E6D411E29AEA388FF 55197 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\IXX1KCD7\policyname[1].exe 2015-09-06 17:52:41 C4E293D645FF5F5043B25C65DE2F22B4 430256 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\IXX1KCD7\setup[2].exe 2015-09-06 17:52:29 20F288AA7D995A4BFCB240B66383EBF4 211114 ----a-w- 
C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\Q1OOI9B1\smt[1].exe 2015-09-06 17:51:58 E0DA271341411C06CD94035AEA6D008F 709288 ----a-w- C:\ProgramData\5WdsManPro5\WdsManPro.exe 2015-09-06 17:51:36 0B5E7B3E496D3C0E6AA4129FF0F79C12 4871904 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\Q1OOI9B1\cdn[1].exe 2015-09-06 17:51:35 CCCDD9B24AA435129F87735724D8B4ED 5799112 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\MW6SUVML\setup_gmsd_nl[1].exe 2015-09-06 17:51:35 8A77F074C6628B81F94E144784F32ADB 100529 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\MW6SUVML\Bundle_CPUminer[1].exe 2015-09-06 17:51:34 F77F6B517CF2E893CFCB107444F14495 83223 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\C1NCKDME\df4a6a3ed77e60d6758afca091ca0c1f[1].exe 2015-09-06 17:51:32 4AEAB4F9DF38DFC603E64319149ACE23 350360 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\IXX1KCD7\cmi_mystartsearch[1].exe 2015-09-06 17:51:28 B6EE1CE3955EB686AFCB022B9E7B289A 124154 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\Q1OOI9B1\SearchUpdater[1].exe 2015-09-06 17:47:38 E00F039F0DC4A97CE097B253F644FAB2 594813 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\MW6SUVML\Setup[1].exe 2015-09-06 17:45:44 CBCBE1F76F434A3B41C0148B62E6FBFF 1998408 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\IXX1KCD7\setup[1].exe 2015-09-06 17:45:25 10FFABC748D68C40B68F883058C9B932 50225 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\81441561522\Skw9LkpUSw==10700.exe 2015-09-06 17:45:25 10FFABC748D68C40B68F883058C9B932 50225 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\C1NCKDME\OperaChecker25-6[1].exe 2015-09-06 17:44:55 37B9FAD70A9BE3369561205A1B59566F 943144 ------w- C:\Users\Mediamarkt2\AppData\Local\Temp\beebffbhca.exe 2015-09-06 17:44:52 
708BEF2D55A69E71542B41F423240D5B 722696 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\mytmpinstaller.exe 2015-09-06 17:44:50 708BEF2D55A69E71542B41F423240D5B 722696 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\IXX1KCD7\Reimage[1].exe 2015-09-06 17:43:20 756A814E17CCBB674E9A7088D0C9CAF4 1331280 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\6580.exe 2015-09-06 17:38:53 59433FE179A54E675F2CAC141DA1731C 1957976 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\5708.exe 2015-09-06 17:38:48 59433FE179A54E675F2CAC141DA1731C 1957976 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\MW6SUVML\installer[1].exe 2015-09-06 17:37:43 8DF6560ADF608ECDCE5CAF299062A135 46080 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\comh.423813\globalupdateOnDemand.exe 2015-09-06 17:37:43 6419BCBF0B2569AACF4023942EADFCB8 46080 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\comh.423813\globalupdateBroker.exe 2015-09-06 17:37:43 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\comh.423813\globalupdateCrashHandler.exe 2015-09-06 17:37:43 3C14AAE26EA06BADAC98520773772CEB 68608 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\comh.423813\globalupdate.exe 2015-09-06 17:37:28 812400977140134B25074657B0C4F06A 120832 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\MW6SUVML\SU_Srv[1].exe 2015-09-06 17:37:27 ED63538BF12C6DEABCDD27458F66E032 514560 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\C1NCKDME\Update_Notifier[1].exe 2015-09-06 17:37:22 003BFFE571A186DD822F413E1CBE4BD1 563712 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\IXX1KCD7\runasu[1].exe 2015-09-06 17:37:04 BB47DB21BFC9DF06ACFD0FFFE77B0237 412544 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\Q1OOI9B1\SFSetup[1].exe 2015-09-06 17:37:03 0A42621DB8702B12D805F7C3990838E3 137728 ----a-w- 
C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\IXX1KCD7\trtOnV[1].exe 2015-09-06 17:36:57 5855BA975EC4C59141E311487FBD8A2A 227328 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\Q1OOI9B1\JOSrv[1].exe 2015-09-06 17:36:47 003BFFE571A186DD822F413E1CBE4BD1 563712 ----a-w- C:\Program Files (x86)\20FEF217-1441560994-4ECF-20D6-28924A29A31B\rnsx8B0C.exe 2015-09-06 17:36:35 964BAFBE59FEB2C049A43569FF15FF53 73151 ----a-w- C:\Program Files (x86)\20FEF217-1441560994-4ECF-20D6-28924A29A31B\Uninstall.exe 2015-09-06 17:36:24 2A5F246B97D00F77B78D15F72923839B 61981 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\Uninstall.exe 2015-09-06 17:36:13 8501F079EF3FC63721D0164B8A34B4A9 202653 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\C1NCKDME\check[1].exe 2015-09-06 17:36:02 E0DA271341411C06CD94035AEA6D008F 709288 ----a-w- C:\ProgramData\3WdsManPro3\WdsManPro.exe 2015-09-06 17:33:36 A399C5CA3A8F348E2CB351F16C6EA38C 14205584 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\setup.exe 2015-09-06 17:33:31 307CFF85C1985F5BBE8E51F10AE2DF36 823984 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Temp\Pokemon Yellow__15047_i1630012865_il5988.exe 2015-09-06 17:33:24 307CFF85C1985F5BBE8E51F10AE2DF36 823984 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\IXX1KCD7\Pokemon Yellow__15047_i1630012865_il5988.exe 2015-09-04 15:39:31 06CFCD864C25DBC2F4CED85066459355 8702032 ----a-w- C:\Program Files (x86)\Google\Update\Install\{E01B42ED-039D-4DE8-BEAB-837B0803A773}\45.0.2454.85_44.0.2403.157_chrome_updater.exe 2015-09-04 15:39:26 06CFCD864C25DBC2F4CED85066459355 8702032 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\45.0.2454.85\45.0.2454.85_44.0.2403.157_chrome_updater.exe 2015-09-03 10:33:33 E2CD6F76B2E57B3D61DC21FB58A5EC10 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleUpdateOnDemand.exe 2015-09-03 10:33:33 
000975A5E8399A6EB7104A31DA947279 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleUpdateWebPlugin.exe 2015-09-03 10:33:32 0ECB154C98DD6A404B7DEB62C7425F60 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleUpdateBroker.exe 2015-09-03 10:33:29 A981DE48BF7865E0ABE97612FAE8ECC9 929360 ----a-w- C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleUpdateSetup.exe 2015-09-03 10:33:24 DD7423ABBE2913E70D50E9318AD57EE4 144200 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleUpdate.exe 2015-09-03 10:33:24 93EA3D9300F9A4B29D12A60D50142D5B 130888 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleUpdateComRegisterShell64.exe 2015-09-03 10:33:24 3ED2B00729E2D4F974C1418F1B2CDF60 245064 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe 2015-09-03 10:33:24 042ED5CED9032D093CACF785BFA39D65 305992 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler64.exe 2015-09-03 10:33:18 A981DE48BF7865E0ABE97612FAE8ECC9 929360 ----a-w- C:\Program Files (x86)\Google\Update\Install\{4B9E9100-470C-4B7C-97B3-C80AC432C976}\GoogleUpdateSetup.exe 2015-09-03 10:33:15 A981DE48BF7865E0ABE97612FAE8ECC9 929360 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.28.13\GoogleUpdateSetup.exe === C: other files == 2015-09-06 17:53:10 1194CDCD0C2287BC0D67C4574126F299 45784 ----a-w- C:\Windows\System32\drivers\acwfp64.sys 2015-09-06 17:35:49 D8984390C7A5F95FED0D36F3DD347162 1193958 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\IXX1KCD7\2[1].zip 2015-09-06 17:34:24 A05EDA6934281DC2E4AF725312183B67 1138484 ----a-w- C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE\IXX1KCD7\1[1].zip 2015-09-06 17:19:20 9CF118EE1FB3563474400AE8E8DE680E 91741 ----a-w- C:\Users\Mediamarkt2\Downloads\TGB_Dual_7.zip ==== Startup Registry Enabled ====================== 
[HKEY_USERS\S-1-5-21-2499239261-3902574125-147780791-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Mediamarkt2\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "BrowserChoice"="C:\Windows\BrowserChoice\browserchoice.exe /run" "Akamai NetSession Interface"="C:\Users\Mediamarkt2\AppData\Local\Akamai\netsession_win.exe" "GoogleChromeAutoLaunch_59E89D9C8225092A11A0AC5E0317A5F2"="C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe --no-startup-window" [HKEY_USERS\S-1-5-21-2499239261-3902574125-147780791-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Autodesk© AutoCAD© 2014"="C:\Autodesk\AutoCAD_2014_English_Win_32_64bit_wi_en-us\Setup.exe /url http://edutrial.autodesk.com/SWDLDNET3/2014/ACD/WI/AutoCAD_2014_English_Win_32_64bit_wi_en-us_Setup.exe /SN 900-52660592 /PK 001F1 /student /akamai /skipEULA /auth authparam /sid SESSION_ID" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CLVirtualDrive"="C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe /R" "RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" "HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "KPN Assistent"="C:\Program Files (x86)\KPN\KPN Assistent\KPN Assistent\KPN_Assistent.exe /auto" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "SmartWeb"="C:\Users\Mediamarkt2\AppData\Local\SmartWeb\SmartWebHelper.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Mediamarkt2\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "BrowserChoice"="C:\Windows\BrowserChoice\browserchoice.exe /run" "Akamai NetSession Interface"="C:\Users\Mediamarkt2\AppData\Local\Akamai\netsession_win.exe" "GoogleChromeAutoLaunch_59E89D9C8225092A11A0AC5E0317A5F2"="C:\Program Files 
(x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe --no-startup-window" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Autodesk© AutoCAD© 2014"="C:\Autodesk\AutoCAD_2014_English_Win_32_64bit_wi_en-us\Setup.exe /url http://edutrial.autodesk.com/SWDLDNET3/2014/ACD/WI/AutoCAD_2014_English_Win_32_64bit_wi_en-us_Setup.exe /SN 900-52660592 /PK 001F1 /student /akamai /skipEULA /auth authparam /sid SESSION_ID" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" "Persistence"="C:\WINDOWS\system32\igfxpers.exe" "cpuminer"="C:\WINDOWS\system32\cpm.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12-08-2015 20:49] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [03-09-2015 12:33] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [03-09-2015 12:33] C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job --a-------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [28-08-2012 21:33] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\cfr3011" [C:\PROGRA~2\FASTSE~1\cfr3011.exe] "C:\WINDOWS\SysNative\tasks\CLMLSvc_P2G8" [C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe] "C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files 
(x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{15385807-83E5-40B6-B41C-2D30A5879BCB}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Tune-up Postponed" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Folders in C:\PROGRA~3 0-6 Months Old ====================== 2015-09-06 17:36:02 -------- d-----w- C:\PROGRA~3\3WdsManPro3 2015-09-06 17:51:56 -------- d-----w- C:\PROGRA~3\5WdsManPro5 ==== Chromium Look ====================== Google Chrome Version: 45.0.2454.85 Chrome Web Store Payments - Mediamarkt2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda 20-20 3D Viewer for IKEA - Mediamarkt2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start 
Page"="http://g.uk.msn.com/CQCON13/7" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://g.uk.msn.com/CQCON13/7" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CPNTDFJS" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1346-154357-12126-2/4?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SmartWeb deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [KPN Assistent] C:\Program Files (x86)\KPN\KPN 
Assistent\KPN Assistent\KPN_Assistent.exe /auto O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [SmartWeb] C:\Users\Mediamarkt2\AppData\Local\SmartWeb\SmartWebHelper.exe O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Mediamarkt2\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [BrowserChoice] "C:\Windows\BrowserChoice\browserchoice.exe" /run O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Mediamarkt2\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_59E89D9C8225092A11A0AC5E0317A5F2] "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window O4 - HKCU\..\RunOnce: [Autodesk® AutoCAD® 2014] C:\Autodesk\AutoCAD_2014_English_Win_32_64bit_wi_en-us\Setup.exe /url "http://edutrial.autodesk.com/SWDLDNET3/2014/ACD/WI/AutoCAD_2014_English_Win_32_64bit_wi_en-us_Setup.exe" /SN 900-52660592 /PK 001F1 /student /akamai /skipEULA /auth authparam /sid SESSION_ID O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program 
Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_IKEA_Win32.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Mediamarkt2\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
C:\Users\Mediamarkt2\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
No Java Cache Found

==== C:\zoek_backup content ======================
C:\zoek_backup (files=233 folders=40 30822783 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Mediamarkt2\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\MEDIAM~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found

==== EOF on zo 06-09-2015 at 21:27:28,90 ======================