Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Robert on vr 11-04-2014 at 9:45:58,75.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Robert\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
11-4-2014 9:48:29 Zoek.exe System Restore Point Created Succesfully.
==== Torpig Check ======================
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll
==== Empty Folders Check ======================
C:\PROGRA~2\Freemake deleted successfully
C:\PROGRA~2\JLC's Software deleted successfully
C:\PROGRA~2\Magical Jelly Bean deleted successfully
C:\PROGRA~2\MpcStar deleted successfully
C:\PROGRA~2\Sony Mobile deleted successfully
C:\PROGRA~2\VideoLAN deleted successfully
C:\PROGRA~2\COMMON~1\DESIGNER deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Program Files\BitComet deleted successfully
C:\Program Files\Fighters deleted successfully
C:\Program Files\Google deleted successfully
C:\Program Files\McAfee deleted successfully
C:\Program Files\ReviverSoft deleted successfully
C:\PROGRA~3\Freemake deleted successfully
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully
C:\Users\Robert\AppData\Roaming\HpUpdate deleted successfully
C:\Users\Robert\AppData\Roaming\JLC's Software deleted successfully
C:\Users\Robert\AppData\Roaming\Nokia Ovi Suite deleted successfully
C:\Users\Robert\AppData\Roaming\Octoshape deleted successfully
C:\Users\Robert\AppData\Local\Downloaded Installations deleted successfully
C:\Users\Robert\AppData\Local\kpn deleted successfully
C:\Users\Robert\AppData\Local\ms-drivers deleted successfully
C:\Users\Robert\AppData\Local\Real deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Running Processes ======================
C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Windows\SysWOW64\svchost.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\vsnpstd3.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Windows\FixCamera.exe
C:\Windows\tsnpstd3.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Users\Robert\Downloads\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.0.0 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater18.0.0 deleted successfully
==== Deleting Files \ Folders ======================
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found
C:\Users\Robert\daemonprocess.txt deleted
C:\Users\Robert\.android deleted
C:\PROGRA~2\TorrentSearch deleted
C:\Users\Robert\AppData\Local\cache deleted
C:\Users\Robert\Downloads\avg_free_stb_all_2014_4335_cnet.exe deleted
C:\Users\Robert\Downloads\drivermax_7_25_cnet.exe deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
==== System Specs ======================
Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 2813 MB
CPU Info: AMD Sempron(tm) M120
CPU Speed: 2092,9 MHz
Sound Card: Luidsprekers en koptelefoons (I |
Display Adapters: AMD M880G with ATI Mobility Radeon HD 4200 | AMD M880G with ATI Mobility Radeon HD 4200 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm |
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20) | Microsoft Virtual WiFi Miniport Adapter | Qualcomm Atheros AR9285 802.11b/g/n WiFi Adapter
CD / DVD Drives: 1x (F: | ) F: hp DVDRAM GT30L
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C: 218,9GB | D: 13,7GB | E: 99,2MB
Hard Disks - Free: C: 159,2GB | D: 2,3GB | E: 99,2MB
Manufacturer *: Hewlett-Packard
BIOS Info: AT/AT COMPATIBLE | 01/25/10 | HPQOEM - 3
Time Zone: West-Europa (standaardtijd)
Motherboard *: Hewlett-Packard 363F
Country: Nederland
Language: NLD
==== System Specs (Software) ======================
Anti-Virus: AVG AntiVirus Free Edition 2014 On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: AVG AntiVirus Free Edition 2014 disabled (Outdated)
Default Browser: Google Chrome 33.0.1750.154
Internet Explorer Version: 11.0.9600.16659
Google Chrome version: 33.0.1750.154
Flash Player version: 12.0.0.77
Shockwave Player version: 11.6.5r635
==== Files Recently Created / Modified ======================
====== C:\Windows ====
2014-04-11 06:44:31 470C1024972BFC1BD4F2E50AAEDB2DA4 377335061 ----a-w- C:\Windows\MEMORY.DMP
2014-04-08 13:47:15 FB0C8699B87F7140BB6201BE7B4B6778 827392 ----a-w- C:\Windows\vsnpstd3.exe
2014-04-08 13:47:14 F4D40E1893230F62D184B5030A4C4E4E 53248 ----a-w- C:\Windows\csnpstd3.dll
2014-04-08 13:47:14 AB844F126F342FC487534C58D8C18547 13023 ----a-w- C:\Windows\snpstd3.src
2014-04-08 13:47:14 6CD72592F71F43E596FD3FEC6D0C2066 270336 ----a-w- C:\Windows\tsnpstd3.exe
2014-04-08 13:47:14 257D0B93509616D6403D4919F9C65F08 15498 ----a-w- C:\Windows\snpstd3.ini
2014-04-08 12:19:12 6F9455F97D5D91FDEEC0F344E70A2D0E 20480 ----a-w- C:\Windows\FixCamera.exe
====== C:\Users\Robert\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-04-09 09:54:05 CCF19C82F6145E4A467F7CB9AF82026C 17073152 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2014-04-09 09:54:04 A45A13AAC7777C096A073FF1F4F5A0D5 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2014-04-09 09:53:49 76161B9D78A275F8F28DD67436013110 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll
2014-04-09 09:53:49 2E1D6624EE2C3F454CADF09DC59E78B0 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe
2014-04-09 09:53:48 1F76F7CB3C690ACB985C2FD419383B49 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 09:53:48 1E886E327F37F34CC7465F1605D1F3CD 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll
2014-04-09 09:53:47 A30AB03E7C837A17AC70E67E63B8E2F6 2048 ----a-w- C:\Windows\SysWOW64\user.exe
2014-04-09 09:53:47 9F3D88540DB73F5213D5044CB50006DF 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe
2014-04-08 13:47:14 AA4AC1FE8BA8890CF284BFE61B4735B4 172032 ----a-w- C:\Windows\SysWOW64\rsnpstd3.dll
2014-04-07 10:57:38 38E63F081E891F09DB801E319071D58C 477008 ----a-w- C:\Windows\SysWOW64\hmpalert.dll
====== C:\Windows\SysWOW64\drivers =====
2014-04-08 13:47:14 A37E84EB12C39D36EDDEB7966429E75F 10252544 ----a-w- C:\Windows\SysWOW64\drivers\snpstd3.sys
====== C:\Windows\Sysnative =====
2014-04-09 09:54:06 C3E3EFD320D0000BE6F9CDB00CD6086F 23134208 ----a-w- C:\Windows\Sysnative\mshtml.dll
2014-04-09 09:54:04 14257E59C8452DCC38B8D55DEDC6EE0D 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2014-04-09 09:53:49 D2A513EE880D71BDE7F0257F38B9D019 1163264 ----a-w- C:\Windows\Sysnative\kernel32.dll
2014-04-09 09:53:49 7434E01FBCA3CB86539C39412A31D5E1 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll
2014-04-09 09:53:49 2A107B611C91CD256466C58C0D776E9D 243712 ----a-w- C:\Windows\Sysnative\wow64.dll
2014-04-09 09:53:48 74959C718FF4594369645F35B7DF19C4 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll
2014-04-09 09:53:48 0F090A77E664CB0F70AB8D3B230B760C 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll
2014-04-08 13:47:15 3D258C8F14EE5E26D5762D8545B89326 306176 ----a-w- C:\Windows\Sysnative\vsnpstd3.dll
2014-04-07 10:57:38 977D30FE2E77C7E09F3424DF33724024 548424 ----a-w- C:\Windows\Sysnative\hmpalert.dll
====== C:\Windows\Sysnative\drivers =====
2014-04-09 09:53:55 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\Sysnative\drivers\storport.sys
2014-04-09 09:53:55 96BB922A0981BC7432C8CF52B5410FE6 274880 ----a-w- C:\Windows\Sysnative\drivers\msiscsi.sys
2014-04-09 09:53:54 B3222734D80013D2C73841B0C549FA63 27584 ----a-w- C:\Windows\Sysnative\drivers\Diskdump.sys
2014-04-09 09:53:46 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys
2014-04-08 13:47:15 3B7162AC2E64623EF35778A59674E3A9 10550656 ----a-w- C:\Windows\Sysnative\drivers\snpstd3.sys
2014-04-07 10:57:38 CF07C0A9D38A248D036DD9C47E4D0D6E 93144 ----a-w- C:\Windows\Sysnative\drivers\hmpalert.sys
2014-04-03 11:27:08 6140163BFE9D8F2DFDBA088ED5521C13 119512 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2014-04-03 11:25:43 FD5465B876D55534117963FAAA4B9DFC 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys
2014-04-03 11:25:43 C49915271600CFC2305FAA4271D0002F 63192 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys
2014-04-03 11:25:43 4A1356200B82B852E137B687F03E8054 88280 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys
2014-03-20 13:21:48 E9981ECE8D894CEF7038FD1D040EB426 56832 ----a-w- C:\Windows\Sysnative\drivers\TsUsbFlt.sys
====== C:\Windows\Tasks ======
2014-04-04 09:58:46 8F747E4C8027D3C721EA5228860C2A17 3184 ----a-w- C:\Windows\Sysnative\Tasks\{25E2C059-991F-43DB-8295-483C882412FF}
2014-03-24 08:02:52 BF4205A0D103AF54B0926AF4163F3A9E 3344 ----a-w- C:\Windows\Sysnative\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4132884842-2695504495-3771251730-1000
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-03-20 13:21:23 -------- d-----w- C:\Program Files\Synaptics
======= C:\PROGRA~2 =====
2014-04-08 13:47:14 -------- d-----w- C:\PROGRA~2\COMMON~1\snpstd3
2014-04-07 10:57:38 -------- d-----w- C:\PROGRA~2\HitmanPro.Alert
2014-04-06 13:01:42 -------- d-----w- C:\PROGRA~2\EMET 4.1
======= C: =====
2014-04-10 17:19:31 50FE58A0D52F3B35B6FFF205E1DEE9D3 1154 ----a-w- C:\mbam 10-4.txt
2014-03-16 09:39:38 63EF77A27B77E4BAEAA5882A08F8849A 2238 ----a-w- C:\DelFix.txt
====== C:\Users\Robert\AppData\Roaming ======
2014-04-09 17:33:06 -------- d-----w- C:\Users\Robert\AppData\Roaming\driveridentifier
2014-04-02 10:11:01 9ECBAEC1B3703D30C2EFFA04DC546F44 46 ----a-w- C:\Users\Robert\AppData\Roaming\WB.CFG
2014-03-21 13:00:12 -------- d-----w- C:\Users\Robert\AppData\Roaming\AVG2014
2014-03-21 12:59:57 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2014
2014-03-21 12:59:38 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2014
2014-03-21 12:57:58 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2014
2014-03-21 12:54:00 -------- d-----w- C:\Users\Robert\AppData\Local\Avg2014
2014-03-15 07:47:09 -------- d-----w- C:\Users\Robert\AppData\Local\Skype
====== C:\Users\Robert ======
2014-04-08 13:47:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trust
2014-04-08 13:44:07 E831B1A07826B7C3FA2B18DC63C94CAA 10195176 ----a-w- C:\Users\Robert\Downloads\15082-03_05.exe
2014-04-08 13:25:10 55A0867E691D550D944B5FBAD27ECD56 3482112 ----a-w- C:\Users\Robert\Downloads\wzdu18.exe
2014-04-07 10:57:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro.Alert
2014-04-07 10:56:04 C0F3DDA847FFB13D746414284A3BE40B 1862480 ----a-w- C:\Users\Robert\Downloads\hmpalert.exe
2014-04-06 13:01:43 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enhanced Mitigation Experience Toolkit
2014-04-03 11:20:56 32A7154F9934CF3AA5D945D02D069D1F 17523384 ----a-w- C:\Users\Robert\Downloads\mbam-setup-2.0.0.1000 (1).exe
2014-04-03 11:20:51 32A7154F9934CF3AA5D945D02D069D1F 17523384 ----a-w- C:\Users\Robert\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-02 16:25:31 F445E1DE976645E47C81E2116061A007 593920 ----a-w- C:\Users\Robert\Downloads\Jaap_s Puch Calculator.exe
2014-04-01 18:10:58 238BC94DDC258DD3B339B204BF394F0D 1125464 ----a-w- C:\Users\Robert\Downloads\bittorrent [1].exe
2014-03-31 10:02:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-03-25 10:27:14 -------- d-----w- C:\ProgramData\Sony
2014-03-21 12:58:55 -------- d-----w- C:\ProgramData\AVG2014
2014-03-15 07:46:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
====== C: exe-files ==
2014-04-11 07:25:28 8FAE9109245E4B4FF42704ECFB86F1B6 8704216 ----a-w- C:\Program Files (x86)\Google\Update\Install\{904D19DC-F669-4CD9-A4F0-01A7B9AAEB4B}\34.0.1847.116_33.0.1750.154_chrome_updater.exe
2014-04-11 07:25:28 8FAE9109245E4B4FF42704ECFB86F1B6 8704216 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\34.0.1847.116\34.0.1847.116_33.0.1750.154_chrome_updater.exe
2014-04-08 13:47:15 FB0C8699B87F7140BB6201BE7B4B6778 827392 ----a-w- C:\Windows\vsnpstd3.exe
2014-04-08 13:47:15 FB0C8699B87F7140BB6201BE7B4B6778 827392 ----a-w- C:\Program Files (x86)\Common Files\snpstd3\vsnpstd3.exe
2014-04-08 13:47:15 6CD72592F71F43E596FD3FEC6D0C2066 270336 ----a-w- C:\Program Files (x86)\Common Files\snpstd3\tsnpstd3.exe
2014-04-08 13:47:14 6CD72592F71F43E596FD3FEC6D0C2066 270336 ----a-w- C:\Windows\tsnpstd3.exe
2014-04-08 13:47:13 FBAB280D0CAC5E21C72F0A1A7B5B9608 455600 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{ECD03DA7-5952-406A-8156-5F0C93618D1F}\setup.exe
2014-04-08 13:44:07 E831B1A07826B7C3FA2B18DC63C94CAA 10195176 ----a-w- C:\Users\Robert\Downloads\15082-03_05.exe
2014-04-08 13:25:10 55A0867E691D550D944B5FBAD27ECD56 3482112 ----a-w- C:\Users\Robert\Downloads\wzdu18.exe
2014-04-08 12:19:12 6F9455F97D5D91FDEEC0F344E70A2D0E 20480 ----a-w- C:\Windows\FixCamera.exe
2014-04-07 10:57:38 2638395F6E61889D75C363A80A0E17F4 1876816 ----a-w- C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
2014-04-07 10:56:04 C0F3DDA847FFB13D746414284A3BE40B 1862480 ----a-w- C:\Users\Robert\Downloads\hmpalert.exe
=== C: other files ==
2014-04-09 09:53:55 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\System32\drivers\storport.sys
2014-04-09 09:53:55 96BB922A0981BC7432C8CF52B5410FE6 274880 ----a-w- C:\Windows\System32\drivers\msiscsi.sys
2014-04-09 09:53:54 B3222734D80013D2C73841B0C549FA63 27584 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2014-04-09 09:53:46 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2014-04-08 13:47:15 3B7162AC2E64623EF35778A59674E3A9 10550656 ----a-w- C:\Windows\System32\drivers\snpstd3.sys
2014-04-08 13:47:15 3B7162AC2E64623EF35778A59674E3A9 10550656 ----a-w- C:\Program Files (x86)\Common Files\snpstd3\x64\snpstd3.sys
2014-04-08 13:47:14 A37E84EB12C39D36EDDEB7966429E75F 10252544 ----a-w- C:\Windows\SysWOW64\drivers\snpstd3.sys
2014-04-08 13:47:14 A37E84EB12C39D36EDDEB7966429E75F 10252544 ----a-w- C:\Program Files (x86)\Common Files\snpstd3\snpstd3.sys
2014-04-07 10:57:38 CF07C0A9D38A248D036DD9C47E4D0D6E 93144 ----a-w- C:\Windows\System32\drivers\hmpalert.sys
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-4132884842-2695504495-3771251730-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000000"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHBE.EXE /EPT EPLTarget\P0000000000000000 /M Epson Stylus SX440"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Sony PC Companion"="C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe /Background"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"
"EMET 4.1 Agent"="C:\Program Files (x86)\EMET 4.1\EMET_agent.exe"
"FixCamera"="C:\Windows\FixCamera.exe"
"tsnpstd3"="C:\Windows\tsnpstd3.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000000"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHBE.EXE /EPT EPLTarget\P0000000000000000 /M Epson Stylus SX440"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Sony PC Companion"="C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe /Background"
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"snpstd3"="C:\Windows\vsnpstd3.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
==== Startup Registry Disabled ======================
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"AVG-Secure-Search-Update_1213b"="C:\\Users\\Robert\\AppData\\Roaming\\AVG 1213b Campaign\\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=04c3810265cc0043c93a5833cac041c0-11983c526691f190317d08944ca502ba934f483e /CMPID=1213b"
"Sony Ericsson PC Companion"="\"C:\\Program Files (x86)\\Sony Ericsson\\Sony Ericsson PC Companion\\PCCompanion.exe\" /Background"
==== Startup Registry Disabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe Reader Speed Launcher"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Akamai NetSession Interface]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Akamai NetSession Interface"
"hkey"="HKCU"
"command"="\"C:\\Users\\Robert\\AppData\\Local\\Akamai\\netsession_win.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EEventManager]
"command"="\"C:\\Program Files (x86)\\Epson Software\\Event Manager\\EEventManager.exe\""
"hkey"="HKLM"
"item"="EEventManager"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\FixCamera]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="FixCamera"
"hkey"="HKLM"
"command"="C:\\Windows\\FixCamera.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IntelliPoint]
"command"="\"c:\\Program Files\\Microsoft IntelliPoint\\ipoint.exe\""
"hkey"="HKLM"
"item"="IntelliPoint"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KPN Assistent]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KPN Assistent"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\KPN\\KPN Assistent\\KPN_Assistent.exe /auto"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaMServer]
"command"="C:\\Program Files (x86)\\Common Files\\Nokia\\MPlatform\\NokiaMServer /watchfiles startup"
"hkey"="HKLM"
"item"="NokiaMServer"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StartCCC]
"command"="\"C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe\" MSRun"
"hkey"="HKLM"
"item"="StartCCC"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SynTPEnh]
"command"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"hkey"="HKLM"
"item"="SynTPEnh"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SysTrayApp]
"command"="C:\\Program Files\\IDT\\WDM\\sttray64.exe"
"hkey"="HKLM"
"item"="SysTrayApp"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe]
"command"="\"C:\\Program Files (x86)\\Real\\RealPlayer\\Update\\realsched.exe\" -osboot"
"hkey"="HKLM"
"item"="TkBellExe"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ :C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05-02-2014 21:29]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05-02-2014 21:29]
C:\Windows\tasks\HPCeeScheduleForRobert.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [07-10-2009 05:22]
==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\0" [c:\program files (x86)\internet explorer\iexplore.exe]
"C:\Windows\SysNative\tasks\4803" [wscript.exe C:\Users\Robert\AppData\Local\Temp\launchie.vbs //B]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Adobe online update program" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\Express Files Updater" [C:\Program Files (x86)\ExpressFiles\EFupdater.exe]
"C:\Windows\SysNative\tasks\Google Updater and Installer" [C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HP online update program" [C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe]
"C:\Windows\SysNative\tasks\HPCeeScheduleForRobert" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]
"C:\Windows\SysNative\tasks\Launch HTC Sync Loader" [C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4132884842-2695504495-3771251730-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4132884842-2695504495-3771251730-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files (x86)\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\Sun Microsystems online update program" [C:\Program Files\Java\jre6\bin\jusched.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{58082D7E-CF62-4167-B57A-C396529A6529}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\{5F769506-941E-44DD-895F-4F482AD3C644}" [F:\Elsawin 3.3 Install\Utilities\Acrobat Reader 5.05\ar505deu.exe]
"C:\Windows\SysNative\tasks\{82322215-6299-4676-A312-3B650ADA2DB6}" [F:\Elsawin 3.3 Install\Utilities\Acrobat Reader 5.05\ar505deu.exe]
"C:\Windows\SysNative\tasks\{B1E76EF1-444C-4F33-8879-10A1D537757A}" [F:\Elsawin 3.3 Install\Utilities\Acrobat Reader 5.05\ar505deu.exe]
"C:\Windows\SysNative\tasks\{B4B5A0DC-D510-4883-975F-0032C6F9DB84}" [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe]
"C:\Windows\SysNative\tasks\{DF0B0BE0-980A-4959-9B18-4695FC483B25}" [F:\Elsawin 3.3 Install\Utilities\Acrobat Reader 5.05\ar505deu.exe]
==== Folders in C:\PROGRA~3 0-6 Months Old ======================
2013-11-12 12:12:49 -------- d-----w- C:\PROGRA~3\Ashampoo
2014-03-21 12:58:55 -------- d-----w- C:\PROGRA~3\AVG2014
2014-03-25 10:27:14 -------- d-----w- C:\PROGRA~3\Sony
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [02-10-2013 12:02]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\jfwprd8z.default
- Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
- Undetermined - C:\ProgramData\Browser Manager\2.3.759.138\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\FirefoxExtension
- Undetermined - C:\Program Files (x86)\Mozilla Firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f}
- Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
- Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
- Undetermined - C:\ProgramData\AVG Secure Search\FireFoxExt\14.1.0.10
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\extensions\{129b29a3-f554-444b-aa12-8ead59836cc8}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
==== Firefox Plugins ======================
Profilepath: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\jfwprd8z.default
ADC539F67D3198679F480974EE203678 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.210.11
3D3CAF586124C4E8102764C8B3063BB6 - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft Windows Operating System
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14-08-2013 15:24]
Google Docs - Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
RealDownloader - Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
Google Wallet - Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://symbaloo.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://symbaloo.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Deleting Registry Keys ======================
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Video Player deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher deleted successfully
==== HijackThis Entries ======================
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [EMET 4.1 Agent] "C:\Program Files (x86)\EMET 4.1\EMET_agent.exe"
O4 - HKLM\..\Run: [FixCamera] C:\Windows\FixCamera.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHBE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX440"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader2.cab
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HitmanPro.Alert Service (hmpalertsvc) - SurfRight B.V. - C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3IZ0H7U8 will be deleted at reboot
C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X3DPXD2X will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=197 folders=23 16895939 bytes)
==== Empty Temp Folders ======================
C:\Users\AppData\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\Robert\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Robert\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3IZ0H7U8" not found
"C:\Users\Robert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X3DPXD2X" not found
==== EOF on vr 11-04-2014 at 11:44:23,39 ======================