Zoek.exe v5.0.0.1 Updated 19-September-2016 Tool run by Boumon on zo 08/01/2017 at 21:48:48,59. Microsoft Windows 10 Pro 10.0.14393 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Boumon\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 8/01/2017 22:04:03 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\MSXML 4.0 deleted successfully C:\Program Files\Apoint deleted successfully C:\Program Files\Intel deleted successfully C:\Program Files\log deleted successfully C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\Freemake deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully C:\Users\Boumon\AppData\Local\ActiveSync deleted successfully C:\Users\Boumon\AppData\Local\Conduit deleted successfully C:\Users\Boumon\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\Boumon\AppData\Local\EmieSiteList deleted successfully C:\Users\Boumon\AppData\Local\EmieUserList deleted successfully C:\Users\Boumon\AppData\Local\NetworkTiles deleted successfully C:\Users\Boumon\AppData\Local\PeerDistRepub deleted successfully C:\Users\Boumon\AppData\Local\Unity deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2234612452-587246959-1794684615-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully HKEY_USERS\S-1-5-21-2234612452-587246959-1794684615-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully HKEY_USERS\S-1-5-21-2234612452-587246959-1794684615-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_USERS\S-1-5-21-2234612452-587246959-1794684615-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_CLASSES_ROOT\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2234612452-587246959-1794684615-1001\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] ==== Deleting Files \ Folders ====================== C:\PROGRA~2\EXIF Date Changer deleted C:\Users\Boumon\AppData\LocalLow\Conduit deleted C:\PROGRA~2\Wondershare deleted C:\PROGRA~2\Conduit deleted C:\PROGRA~2\COMMON~1\Wondershare deleted C:\test.xml deleted C:\1__Argon__.tmp deleted C:\2__Argon__.tmp deleted C:\3__Argon__.tmp deleted C:\4__Argon__.tmp deleted C:\_IS6BAT_.TMP deleted C:\__Argon__.tmp deleted C:\PROGRA~3\Avg_Update_0814av deleted C:\PROGRA~3\AVG Security Toolbar deleted C:\PROGRA~3\Package Cache deleted C:\Users\Boumon\AppData\Local\CRE deleted C:\Users\Boumon\AppData\Local\{43C1E69E-6361-4F0D-B3B6-2659FC8E2853} deleted C:\Users\Boumon\AppData\Local\Wondershare deleted C:\Users\Boumon\AppData\Local\Smartbar deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted C:\Users\boumi_000\AppData\LocalLow\AVG Web TuneUp deleted C:\Users\Boumon\AppData\LocalLow\Unity deleted C:\END deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\gpt.ini deleted C:\WINDOWS\Syswow64\sho14AB.tmp deleted C:\WINDOWS\Syswow64\sho3720.tmp deleted C:\WINDOWS\Syswow64\sho3AF5.tmp deleted C:\WINDOWS\Syswow64\sho4160.tmp deleted C:\WINDOWS\Syswow64\sho6DDD.tmp deleted C:\WINDOWS\Syswow64\sho77CB.tmp deleted C:\WINDOWS\Syswow64\sho92E5.tmp deleted C:\WINDOWS\Syswow64\shoB070.tmp deleted C:\WINDOWS\Syswow64\shoFEAE.tmp deleted "C:\Users\Boumon\AppData\Roaming\CSharpAnalytics-MeasurementSession" deleted "C:\Users\Boumon\AppData\Roaming\AmPro\am_pro.cfg" deleted "C:\Users\Boumon\AppData\Roaming\duet" deleted "C:\Users\Boumon\AppData\Roaming\iolo" deleted "C:\Users\Boumon\AppData\Roaming\AmPro" deleted ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\Users\Boumon\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2017-01-08 19:48:05 C38011359BB765C0D2CEAE0261B867EC 97856 ----a-w- C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2017-01-07 13:20:45 228D4C41ED82F4C92AE283302BCE4CCE 74703 ----a-w- C:\WINDOWS\SysWOW64\mfc45.dat ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2017-01-07 13:20:43 36CD3839B06CC1B49B01B2256F3FFD9C 26288 ----a-w- C:\WINDOWS\Sysnative\iolorgdf64.exe ====== C:\WINDOWS\Sysnative\drivers ===== ====== C:\WINDOWS\Tasks ====== 2016-12-19 11:39:51 5BCC894BD76DAAFF4D50DDF8C89CFEAF 3284 ----a-w- C:\WINDOWS\Sysnative\Tasks\OneDrive Standalone Update Task v2 ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2017-01-07 16:27:31 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2017-01-08 19:48:37 -------- d-----w- C:\PROGRA~2\COMMON~1\Java ======= C: ===== ====== C:\Users\Boumon\AppData\Roaming ====== 2016-12-24 11:37:04 -------- d-----w- C:\Users\Boumon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox ====== C:\Users\Boumon ====== 2017-01-08 19:48:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-01-08 19:26:31 A8752E848C88A477CF88BA615E4EB28A 737344 ----a-w- C:\Users\Boumon\Downloads\JavaSetup8u111.exe 2017-01-07 16:26:41 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Boumon\Downloads\RSITx64.exe 2017-01-07 13:20:45 -------- d-----w- C:\ProgramData\iolo 2017-01-07 13:20:38 -------- d--h--r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care 2016-12-12 18:33:20 -------- d-----w- C:\Users\Boumon\dwhelper ====== C: exe-files == 2017-01-07 16:27:32 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Boumon.exe 2017-01-07 13:22:05 FAA25A047F6F76A5B231D8D050080FF7 20872 ----a-w- C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe 2017-01-07 13:22:05 BF01A6F8FCA6B9E6F4F003273AE8C940 23128 ----a-w- C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe 2017-01-07 13:22:05 74BBDD886F247ECD691615265E4E3C9C 20360 ----a-w- C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe === C: other files == 2017-01-08 19:47:52 467720B73E839ED66826EAF59C9A59E7 14156 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_111\lib\deploy\ffjcext.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-2234612452-587246959-1794684615-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Boumon\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "OneDrive"="C:\Users\Boumon\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "Dropbox Update"="C:\Users\Boumon\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c" "iFunBox"="C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe /tray" "iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe" "iCloudPhotos"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe" [HKEY_USERS\S-1-5-21-2234612452-587246959-1794684615-1010\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-2234612452-587246959-1794684615-1010\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "WAB Migrate"="%ProgramFiles%\Windows Mail\wab.exe /Upgrade" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Duet Display"="C:\Program Files\Kairos\Duet Display\duet.exe" "AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe /lps=fmw" "AVG_UI"="C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe /lps=av" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Boumon\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "OneDrive"="C:\Users\Boumon\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "Dropbox Update"="C:\Users\Boumon\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c" "iFunBox"="C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe /tray" "iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe" "iCloudPhotos"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" "cAudioFilterAgent"="C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "hkey"="HKLM" "item"="Adobe ARM" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\"" "hkey"="HKLM" "item"="Adobe Reader Speed Launcher" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ACDaemon] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeFlashPlayerUpdateSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Apple Mobile Device Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bonjour Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ddmgr] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\DuetUpdater] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\iPod Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\LMIRescue_db0a529c-823a-4128-a628-80bb99726c50] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\LMS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MozillaMaintenance] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NetworkSupport] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\nvsvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\nvUpdatusService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SampleCollector] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SOHCImp] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SOHDs] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SpfService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\uCamMonitor] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\UNS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\VCFw] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\VcmIAlzMgr] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\VcmINSMgr] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\VcmXmlIfHelper] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\VCService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\VSNService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\VUAgent] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ZAtheros Bt and Wlan Coex Agent] ==== Startup Folders ====================== 2014-09-08 16:43:47 1718 --sha-w- C:\Users\Boumon\AppData\Roaming\Microsoft\LastFlashConfig.wfc ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [24/12/2016 12:37] C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job --a-------- C:\WINDOWS\explorer.exe [02/11/2016 11:59] C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-2234612452-587246959-1794684615-1001Core1d2374ef08afcd2.job --a-------- C:\Users\Boumon\AppData\Local\Dropbox\Update\DropboxUpdate.exe [05/11/2016 11:25] C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-2234612452-587246959-1794684615-1001UA1d2374ef1e729ad.job --a-------- C:\Users\Boumon\AppData\Local\Dropbox\Update\DropboxUpdate.exe [05/11/2016 11:25] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\AVG EUpdate Task" [avgsetupx.exe] "C:\WINDOWS\SysNative\tasks\AVGPCTuneUp_Task_BkGndMaintenance" [C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe] "C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-2234612452-587246959-1794684615-1001Core1d2374ef08afcd2" [C:\Users\Boumon\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-2234612452-587246959-1794684615-1001UA1d2374ef1e729ad" [C:\Users\Boumon\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\WINDOWS\SysNative\tasks\DuetUpdater" [C:\Program Files\Kairos\Duet Display\DuetUpdater.exe] "C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task" [C:\Users\Boumon\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe] "C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task v2" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe] "C:\WINDOWS\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{2C831030-B87B-4EFA-9DFB-89812ED939D2}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{CE57D7AD-3562-4DC3-97BA-9A61D6FE2DCF}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{FFDE4DA8-7ABE-428A-8775-871B79316D28}" [C:\Windows\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\WINDOWS\SysNative\tasks\Sony Corporation\VAIO Care\ActiveStatusCollect" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\WINDOWS\SysNative\tasks\Sony Corporation\VAIO Care\DeployCRMflag" ["%ProgramFiles%\Sony\VAIO Care\DeployCRMflag.exe"] "C:\WINDOWS\SysNative\tasks\Sony Corporation\VAIO Care\GetPOTInfo" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\WINDOWS\SysNative\tasks\Sony Corporation\VAIO Care\GetSystemInfo" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\WINDOWS\SysNative\tasks\Sony Corporation\VAIO Care\UpdateSolution" ["%ProgramFiles%\Sony\VAIO Care\Solution.Updater.exe"] "C:\WINDOWS\SysNative\tasks\Sony Corporation\VAIO Care\UploadPOT" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\WINDOWS\SysNative\tasks\Sony Corporation\VAIO Care\VAIO Care" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\WINDOWS\SysNative\tasks\Sony Corporation\VAIO Care\VCCheckIolo" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\WINDOWS\SysNative\tasks\Sony Corporation\VAIO Care\VCMetrics" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\WINDOWS\SysNative\tasks\Sony Corporation\VAIO Care\VCOneClick" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\WINDOWS\SysNative\tasks\Sony Corporation\VAIO Care\VCRLog" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\WINDOWS\SysNative\tasks\Sony Corporation\VAIO Care\VKSvcDaily" ["%ProgramFiles%\Sony\VAIO Care\VAIOTM\VKSvc.exe"] "C:\WINDOWS\SysNative\tasks\Sony Corporation\VAIO Care\VKSvcWeekly" ["%ProgramFiles%\Sony\VAIO Care\VAIOTM\VKSvc.exe"] "C:\WINDOWS\SysNative\tasks\Sony Corporation\VAIO Care\VTSvc" ["%ProgramFiles%\Sony\VAIO Care\VAIOTM\VTSvc.exe"] "C:\WINDOWS\SysNative\tasks\Sony Corporation\VAIO Care\VTUsr" ["%ProgramFiles%\Sony\VAIO Care\VAIOTM\VTUsr.exe"] "C:\WINDOWS\SysNative\tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start" [C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient] "C:\WINDOWS\SysNative\tasks\Sony Corporation\VAIO Gate\StartExecuteProxy" ["%programfiles%\Sony\VAIO Gate\ExecutionProxy.exe"] "C:\WINDOWS\SysNative\tasks\Sony Corporation\VAIO Gate\VAIO Gate" [C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe] "C:\WINDOWS\SysNative\tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart" ["%ProgramFiles%\Sony\VAIO Gate\VAIO Gate.exe"] "C:\WINDOWS\SysNative\tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader" [C:\Program Files\Sony\VAIO Improvement\viuploader.exe] "C:\WINDOWS\SysNative\tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation" [C:\Program Files\Sony\VAIO Improvement Validation\viv.exe] "C:\WINDOWS\SysNative\tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start" [C:\Program Files\Sony\VAIO Smart Network\VSNClient] "C:\WINDOWS\SysNative\tasks\Sony Corporation\VAIO Update\VAIO Update" ["C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe"] "C:\WINDOWS\SysNative\tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair" [C:\Program Files\Sony\VAIO Update\VUSR.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Boumon\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Boumon\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://vaioportal.sony.eu/" "Default_Page_URL"="http://vaioportal.sony.eu" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://vaioportal.sony.eu/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC HKCU\SearchScopes\{62A222F3-070A-4B17-B4C1-4D26AB119446} - http://services.zinio.com/search?s={searchTerms}&rf=sonyslices HKCU\SearchScopes\{741CE26C-CDBD-4010-962C-D2FB51944DCE} - http://rover.ebay.com/rover/1/1553-42507-16445-59/4?mpre=http://shop.benl.ebay.be/?oemInLn=ieSrch-Q311&_nkw={searchTerms} ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Boumon\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Boumon\AppData\Local\Microsoft\Windows\INetCache\IE\KMD6F8XR will be deleted at reboot C:\Users\Boumon\AppData\Local\Microsoft\Windows\INetCache\IE\T39CWUDC will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Boumon\AppData\Local\Mozilla\Firefox\Profiles\28e2foox.default-1480521065888\cache2 emptied successfully C:\Users\Boumon\AppData\Local\Mozilla\Firefox\Profiles\j5qu1f9u.default\cache2 emptied successfully C:\Users\Boumon\AppData\Local\Mozilla\Firefox\Profiles\sp0y43bg.default\cache2 emptied successfully C:\Users\Boumon\AppData\Local\Mozilla\Firefox\Profiles\uhgdvafo.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=273 folders=75 145266458 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Boumon\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== After Reboot ====================== ==== Deleting Files / Folders ====================== "C:\Users\Boumon\AppData\Local\Microsoft\Windows\INetCache\IE\KMD6F8XR" not found "C:\Users\Boumon\AppData\Local\Microsoft\Windows\INetCache\IE\T39CWUDC" not found ==== EOF on zo 08/01/2017 at 23:46:03,72 ====================== ==== EOF on zo 08/01/2017 at 23:46:03,72 ======================