Zoek.exe v5.0.0.0 Updated 17-09-2015
Tool run by User on vr 18/09/2015 at 20:01:46,86.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2015-08-24-143513.log 71882 bytes
C:\zoek-results2015-08-25-065057.log 36655 bytes
C:\zoek-results2015-09-16-120955.log 38260 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

Adobe Flash Player 18 NPAPI
Adobe Flash Player 18 PPAPI
Adobe Photoshop CS6 Extended version 13.0
Adobe Reader XI (11.0.06) - Nederlands
AMD Accelerated Video Transcoding
AMD Catalyst Control Center
AMD Catalyst Install Manager
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Cheat Engine 6.4
Corel PaintShop Pro X7
Definition Update for Microsoft Office 2013 (KB3085499) 64-Bit Edition
Euro Truck Simulator 2
Euro Truck Simulator 2 Multiplayer 0.2.0.1.1 Alpha
Football Manager 2015
Football Manager 2015 Editor
Fraps
globalupdate Helper
Intel(R) Manageability Engine Firmware Recovery Agent
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Intel(R) Smart Connect Technology
Intel® Trusted Connect Service Client
Java 8 Update 60
Java Auto Updater
McAfee Security Scan Plus
Microsoft .NET Framework 1.1
Microsoft Access Runtime 2013
Microsoft Access Runtime MUI (Dutch) 2013
Microsoft Office 32-bit Components 2013
Microsoft Office Access Runtime (English) 2007
Microsoft Office Shared 32-bit MUI (Dutch) 2013
Microsoft Office Shared MUI (Dutch) 2013
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Norton Identity Safe
Opera Stable 32.0.1948.25
paint.net
PhotoScape
Python 2.7.9
Security Update for Microsoft Excel 2013 (KB3085502) 64-Bit Edition
Security Update for Microsoft Office 2013 (KB3039734) 64-Bit Edition
Security Update for Microsoft Office 2013 (KB3039798) 64-Bit Edition
Security Update for Microsoft Office 2013 (KB3054816) 64-Bit Edition
Security Update for Microsoft Office 2013 (KB3054932) 64-Bit Edition
Security Update for Skype for Business 2015 (KB3085500) 64-Bit Edition
Skype Click to Call
Skype™ 7.8
Steam
Update for Microsoft Access 2013 (KB3085503) 64-Bit Edition
Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition
Update for Microsoft Office 2013 (KB2899522) 64-Bit Edition
Update for Microsoft Office 2013 (KB2956152) 64-Bit Edition
Update for Microsoft Office 2013 (KB2975869) 64-Bit Edition
Update for Microsoft Office 2013 (KB3023052) 64-Bit Edition
Update for Microsoft Office 2013 (KB3039718) 64-Bit Edition
Update for Microsoft Office 2013 (KB3039762) 64-Bit Edition
Update for Microsoft Office 2013 (KB3054774) 64-Bit Edition
Update for Microsoft Office 2013 (KB3054783) 64-Bit Edition
Update for Microsoft Office 2013 (KB3054923) 64-Bit Edition
Update for Microsoft Office 2013 (KB3054935) 64-Bit Edition
Update for Microsoft Office 2013 (KB3055010) 64-Bit Edition
Update for Microsoft Office 2013 (KB3085479) 64-Bit Edition
Update for Microsoft Office 2013 (KB3085480) 64-Bit Edition
Update for Microsoft Office 2013 (KB3085504) 64-Bit Edition
Update for Microsoft Office 2013 (KB3085506) 64-Bit Edition
Update for Microsoft OneDrive for Business (KB3055020) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB3085491) 64-Bit Edition
Update for Microsoft Outlook 2013 (KB3085495) 64-Bit Edition
Update for Microsoft Project 2013 (KB3085510) 64-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition
WinRAR 5.01 (32-bit)

==== Running Processes ======================

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
C:\Program Files (x86)\Opera\32.0.1948.25\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.25\opera_crashreporter.exe
C:\Program Files (x86)\Opera\32.0.1948.25\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.25\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.25\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.25\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.25\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.25\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.25\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.25\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.25\opera.exe
C:\Users\User\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\syswow64\wwahost.exe
C:\Program Files (x86)\Opera\32.0.1948.25\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.25\opera.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
C:\Users\User\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Opera\32.0.1948.25\opera.exe

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\McComponentHostService deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=-

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

C:\\ProgramData\\ExtTag not found
C:\Program Files\Common Files\bxfkukn5 deleted
"C:\Windows\SysNative\tasks\33of3mxy" deleted
"C:\Windows\Installer\81b9a94f.msi" deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 16323 MB
CPU Info: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
CPU Speed:
3404,5 MHz
Sound Card: Hoofdtelefoon (High Definition |
Display Adapters: AMD Radeon R9 200 Series | AMD Radeon R9 200 Series | AMD Radeon R9 200 Series | AMD Radeon R9 200 Series | AMD Radeon R9 200 Series | AMD Radeon R9 200 Series
Monitors: 1x; BenQ GL2250 (Analog) |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe GBE Family-controller | VPN Client Adapter - VPN
CD / DVD Drives: 1x (D: | ) D: TSSTcorpCDDVDW SH-224DB
Ports: COM1 LPT1
Mouse: 8 Button Wheel Mouse Present
Hard Disks: C: 111,4GB | E: 1863,0GB
Hard Disks - Free: C: 26,4GB | E: 1862,7GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 09/09/13 | ALASKA - 1072009
Time Zone: Romance (standaardtijd)
Motherboard *: ASRock H81M-HDS
Country: België
Language: NLB

==== System Specs (Software) ======================

Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Opera Internet Browser 32.0.1948.25
Internet Explorer Version: 11.0.9600.18036
Opera Browser version: 32.0.1948.25
Adobe Reader version: 11.0.06.70
Sun Java version: 1.8.0_60 (32-bit)
Sun Java version: 1.8.0_60 (64-bit)
Flash Player version: 18.0.0.232

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\User\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2015-08-27 11:14:13 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
====== C:\Windows\Tasks ======
2015-08-23 15:14:24 60894718ABD2B647D01D97D31D7B7A15 3818 ----a-w- C:\Windows\Sysnative\Tasks\Opera scheduled Autoupdate 1440342862
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-08-23 16:07:08 -------- d-----w- C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2015-09-18 17:57:46 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2015-09-13 18:13:11 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype
2015-08-23 16:05:59 -------- d-----w- C:\PROGRA~2\trend micro
======= C: =====
====== C:\Users\User\AppData\Roaming ======
2015-09-18 17:57:39 -------- d-----w- C:\Users\User\AppData\Roaming\Sun
2015-09-18 17:57:04 -------- d-----w- C:\Users\User\AppData\Locallow\Oracle
2015-09-16 12:09:17 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2015-09-16 12:09:17 -------- d-----w- C:\Users\User\AppData\Local\Temp
2015-09-16 12:09:17 -------- d-----w- C:\Users\Default\AppData\Local\Temp
2015-09-16 12:09:17 -------- d-----w- C:\Users\Default User\AppData\Local\Temp
2015-08-23 15:12:37 -------- d-----w- C:\Users\User\AppData\Local\Slimjet
====== C:\Users\User ======
2015-09-18 17:57:39 -------- d-----w- C:\Users\User\.oracle_jre_usage
2015-09-18 17:57:29 -------- d-----w- C:\ProgramData\Oracle
2015-09-18 17:56:58 E30980CB6C013A7686E41FD4BD622800 584288 ----a-w- C:\Users\User\Downloads\jre-8u60-windows-i586-iftw (1).exe
2015-09-18 17:43:47 A1892DFF2FFB5CCFE3D46D8295F38326 56501344 ----a-w- C:\Users\User\Downloads\jre-8u60-windows-x64.exe
2015-09-18 17:43:45 ACACD64D6B4F9952546ADDED158D1D02 49695840 ----a-w- C:\Users\User\Downloads\jre-8u60-windows-i586.exe
2015-09-18 17:43:43 E30980CB6C013A7686E41FD4BD622800 584288 ----a-w- C:\Users\User\Downloads\jre-8u60-windows-i586-iftw.exe
2015-09-13 18:13:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-06 15:59:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 Multiplayer
====== C: exe-files ==
=== C: other files ==
2015-09-18 17:57:35
4E221C69F3B103481534D1B6CB6A90DD 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_60\lib\deploy\ffjcext.zip
2015-09-16 15:06:28 28DBA3FC38D429F7DEB03732C74D5894 2440966 ----a-w- C:\Users\User\Downloads\MU Data Update - September_397994FD-770B-9A5E-E4AA4FDFC008.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"BingSvc"="C:\Users\User\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BingSvc"="C:\Users\User\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60"

==== Startup Folders ======================

2014-03-07 15:14:15 2070 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe [12/08/2015 16:54]
C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12/08/2015 16:54]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player PPAPI Notifier" [C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\Windows\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d" ["C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe"]
"C:\Windows\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon" ["C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe"]
"C:\Windows\SysNative\tasks\Opera scheduled Autoupdate 1440342862" [C:\Program Files (x86)\Opera\launcher.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{7A66EF19-D0C9-4D28-A71A-286237E5D80B}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\Norton Identity Safe\Norton Error Analyzer" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe]
"C:\Windows\SysNative\tasks\Norton Identity Safe\Norton Error Processor" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gfnpttr2.default
user_pref("browser.startup.homepage", "C:\ProgramData\ITHelpers\ff.HP");
user_pref("browser.newtab.url", "C:\ProgramData\ITHelpers\ff.NT");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{F04D2D30-776C-4d02-8627-8E4385ECA58D}"="C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.11.42\coFFPlgn" [18/09/2015 17:27]

==== Firefox Extensions ======================

==== Firefox Plugins ======================

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
iikflkcanblccfahdhdonehdalibjnif - No path found[]
nppllibpnmahfaklnpggkibhkapjkeob - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx[05/03/2015 10:45]

Google Drive - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Norton Identity Safe - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif
jlioidldolgbmanndggdnldambdlglgj - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlioidldolgbmanndggdnldambdlglgj
mhophkifmlkobgkeahlhcdnjadcpmlbp - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhophkifmlkobgkeahlhcdnjadcpmlbp
Google Wallet - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Norton Security Toolbar - User\AppData\Local\Slimjet\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe
Norton Identity Safe - User\AppData\Local\Slimjet\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif
Chrome Web Store Payments - User\AppData\Local\Slimjet\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
selector is not a valid CSS selector - User\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp

==== Chromium Fix ======================

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif deleted successfully
C:\Users\User\AppData\Local\Slimjet\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130848176831699050&GUID=EB33BC34-4679-4131-B97D-AF0D898FC9CD"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130848176831699050&GUID=EB33BC34-4679-4131-B97D-AF0D898FC9CD"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{33BB0A4E-99AF-4226-BDF6-49120163DE86} Bing Url="http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1"
{ielnksrch} Search the web Url="http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzJvkMKt1UGZNXQE3eQ9gwALxaJl4qF8TCDztTOGSyPjsIY7aV_X2sgsTb0a9wrJNigAzvRuA7o3AWhiQMed5c5wKrVBxzjODzXjKMvpaLQAvDmcsgj5TrXak_I1zNKjVzmYWNPh0e2AYWbGkeTPzbKoExj_L&q={searchTerms}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\McAfee Security Scan deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\McAfee Security Scan deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
O3 - Toolbar: Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [BingSvc] C:\Users\User\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Global Startup: ISCTSystray.lnk = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{4302931F-0079-4482-AC7A-1E80D7D65DD9}: NameServer = 82.163.143.169,82.163.142.171
O17 - HKLM\System\CCS\Services\Tcpip\..\{B600091B-2DEE-4260-B343-AC93A48A6234}: NameServer = 82.163.143.169,82.163.142.171
O17 - HKLM\System\CS1\Services\Tcpip\..\{4302931F-0079-4482-AC7A-1E80D7D65DD9}: NameServer = 82.163.143.169,82.163.142.171
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: ITHelper service (ITHelper) - Unknown owner - C:\ProgramData\ITHelper\ITHelper (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\IE\6GE0APZD will be deleted at reboot
C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\IE\E9VK87WP will be deleted at reboot
C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\IE\VF3GIY6E will be deleted at reboot

==== Empty FireFox Cache ======================
C:\Users\User\AppData\Local\Mozilla\Firefox\Profiles\gfnpttr2.default\cache2 emptied successfully

==== Empty Chrome Cache ======================
C:\Users\User\AppData\Local\Opera Software\Opera Stable\Cache will be emptied at reboot
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\User\AppData\Local\Slimjet\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=2012 folders=308 155649533 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\User\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\User\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\User\AppData\Local\Opera Software\Opera Stable\Cache\data_0" deleted
"C:\Users\User\AppData\Local\Opera Software\Opera Stable\Cache\data_1" deleted
"C:\Users\User\AppData\Local\Opera Software\Opera Stable\Cache\data_2" deleted
"C:\Users\User\AppData\Local\Opera Software\Opera Stable\Cache\data_3" deleted
"C:\Users\User\AppData\Local\Opera Software\Opera Stable\Cache\f_001a78" deleted
"C:\Users\User\AppData\Local\Opera Software\Opera Stable\Cache\index" deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found
"C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\IE\6GE0APZD" not found
"C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\IE\E9VK87WP" not found
"C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\IE\VF3GIY6E" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on vr 18/09/2015 at 20:11:49,30 ======================