Zoek.exe v5.0.0.0 Updated 14-April-2014 Tool run by Eva on wo 16-04-2014 at 15:54:26,57. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Eva\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 16-4-2014 15:59:26 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~3\CanonEPP deleted successfully C:\PROGRA~3\CanonIJEPPEX2 deleted successfully C:\PROGRA~3\Font Downloader deleted successfully C:\PROGRA~3\Freemake deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\Users\Eva\AppData\Roaming\TP deleted successfully C:\Users\Eva\AppData\Roaming\Windows Live Writer deleted successfully C:\Users\M\AppData\Local\VirtualStore deleted successfully C:\Users\Sophie\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\Eva\AppData\Roaming\iWin deleted C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Hotspot Shield deleted C:\PROGRA~3\iWin deleted C:\Users\Eva\Downloads\SoftonicDownloader_for_youwave.exe deleted C:\Users\Eva\Downloads\SoftonicDownloader_voor_vlc-media-player.exe deleted C:\Users\Eva\Downloads\SoftonicDownloader_voor_windowsandroid (1).exe deleted C:\Users\Eva\Downloads\SoftonicDownloader_voor_windowsandroid.exe deleted C:\Users\M\AppData\LocalLow\boost_interprocess deleted C:\Users\Eva\AppData\LocalLow\boost_interprocess deleted C:\Windows\Syswow64\Hotspot Shield deleted C:\Windows\Syswow64\sho3513.tmp deleted C:\Windows\Syswow64\sho3B20.tmp deleted C:\Windows\Syswow64\sho3ED5.tmp deleted C:\Windows\Syswow64\sho483C.tmp deleted C:\Windows\Syswow64\sho5756.tmp deleted C:\Windows\Syswow64\sho6526.tmp deleted C:\Windows\Syswow64\sho8334.tmp deleted C:\Windows\Syswow64\sho92F3.tmp deleted C:\Windows\Syswow64\sho94B2.tmp deleted C:\Windows\Syswow64\shoC022.tmp deleted C:\Windows\Syswow64\shoC88E.tmp deleted C:\Windows\Syswow64\shoD22F.tmp deleted C:\Windows\Syswow64\shoEF74.tmp deleted C:\Windows\Syswow64\shoF1DA.tmp deleted C:\Windows\Syswow64\shoF64D.tmp deleted "C:\Users\Eva\AppData\Roaming\VTExtra\cdcert.cat" deleted "C:\Users\Eva\AppData\Roaming\VTExtra" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Eva\AppData\Local\Temp ==== 2014-04-06 01:12:40 D3B8519380A78DFFCD566774D079A7BA 337216 ----a-w- C:\Users\Eva\AppData\Local\Temp\{B8D81BFC-AE79-4A62-B07C-C3422BE089DF}\_isres_0x0413.dll 2014-04-06 01:12:39 ED5AA645392883B21507C8D097FDA277 261424 ----a-w- C:\Users\Eva\AppData\Local\Temp\{B8D81BFC-AE79-4A62-B07C-C3422BE089DF}\ISRT.dll 2014-04-06 00:46:05 0DF15CF829E1712B186E659F763A6E7D 255495 ----a-w- C:\Users\Eva\AppData\Local\Temp\Uninstall.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-04-16 13:47:07 7EAB131EBF08F0E9E64C96285BD7D493 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe 2014-04-16 13:46:58 90B81156CF76103D107B60A7D02739C1 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-04-16 13:46:58 479099423E3058D55F1682F3330F9AA8 175016 ----a-w- C:\Windows\SysWOW64\java.exe 2014-04-16 13:46:58 26A414A2B7FC8AA5475CADB1189F1D02 175528 ----a-w- C:\Windows\SysWOW64\javaw.exe 2014-04-15 01:04:07 AA12D7A960DB78DD9690AB5B5DAE6586 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-04-15 01:03:51 CE6921D33682C6C3DB8A45853CC69402 455168 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-04-15 01:03:20 A127D17C354B473B0F4C6265538F5A2C 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-04-15 01:03:11 7E9FE7DB43BC204E44F159F843E35C15 367616 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-04-15 01:03:10 EDACA6C44D9CE200F899B7DB0F201DFF 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-04-15 01:03:10 34FC79C948EE2C5FD0CD699E7D7F91B7 244224 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-04-15 01:03:09 EBC35FE64056910A84485BEEB6DCCAC6 524288 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-04-15 01:03:08 31385A6CAA31BE9D07B0B32E5AA99ABB 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-04-15 01:03:05 82287FCFFA4A2D60FD744E3FEB3192C5 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-04-15 01:03:05 21BF6759685FD193715B483F2B3F21B1 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-04-15 01:03:04 0FDC1A576A3F40420882C0F7C4A66EAD 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-04-15 01:02:58 C9CA9803299EB6AFA34CB520BAAB083D 32256 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-04-15 01:02:51 6557B48D53D653CFCCE3CB1CFA53A8E1 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-04-15 01:02:51 0F4A295516781897FFB09B4CCF2E8798 592896 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-04-15 01:02:50 BB185D4A9362AA17CBCEC0768CDBF249 704512 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-04-15 01:02:39 05BD47136DE62FAFE9F95B40E4100144 2178048 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-04-15 01:02:37 E4E829EE073E046B0EB19B5FECB19B8C 1789440 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-04-15 01:02:35 76F58DB8F85C125E0D6B3AA42F3BF1D0 1143808 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-04-15 01:02:32 C4A383FD50FBD7E274DD41CF571DF898 1967104 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-04-15 01:02:28 2AFBB91BBD2378933B26E6D68C140D1B 11745792 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-04-15 01:02:26 EA85144F35EDE6EE25C484D4242FF2C8 17387008 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-04-15 01:02:17 8C46360D6EF9D4C563FE834C4F287DA3 4254720 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-04-09 12:28:22 76161B9D78A275F8F28DD67436013110 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll 2014-04-09 12:28:21 2E1D6624EE2C3F454CADF09DC59E78B0 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2014-04-09 12:28:19 1F76F7CB3C690ACB985C2FD419383B49 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll 2014-04-09 12:28:13 1E886E327F37F34CC7465F1605D1F3CD 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll 2014-04-09 12:28:11 A30AB03E7C837A17AC70E67E63B8E2F6 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2014-04-09 12:28:11 9F3D88540DB73F5213D5044CB50006DF 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-04-15 01:04:07 7446786E7092ABE122D372F95E6ED74B 574976 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-04-15 01:03:52 FFF555C177D9F2B79B5C3146BED09FB1 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-04-15 01:03:21 6A8AA25D37F89E40B834F34950E3B89B 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-04-15 01:03:17 D6067F7EE060C5D6D79008AD591B4E3B 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-04-15 01:03:17 3F498856C68725717195C16568FE19D0 586240 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-04-15 01:03:16 964C89BC8A52A260D68C90FDDEB862E2 38400 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-04-15 01:03:16 72116CC377FF4281B0132C397026D911 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-04-15 01:03:11 E0D95345D1EBB54F28E958782B9C0CE0 453120 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-04-15 01:03:11 3F547245C78F4847B73EDDFD4A2F7E12 752640 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-04-15 01:03:10 CFBA793F678EB3855052ECF99357A9A1 296960 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-04-15 01:03:09 E7161E2C66FF9B1E87C30FC9D2497ABB 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-04-15 01:03:09 CB57E934280D346AE0A9B053DAA284C5 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-04-15 01:03:08 75AD355828187145A60E3DC7BAF7B0F3 628736 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-04-15 01:03:05 1BF215FF4DF6DE10D2F81A2CE85157D2 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-04-15 01:03:04 A3F9A9E46BDDBB8B20B7CF3EEDB990F2 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-04-15 01:02:57 37D0FB9E5E8EDA40B66FC3FB3D660261 23549440 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-04-15 01:02:50 EBAD8A4D048ED257E4A45F6356541F86 846336 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-04-15 01:02:49 915D8A9E112C97C90C654F792B6B28B9 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-04-15 01:02:48 A3A132CBE48AF0324466469F2CAAE8A2 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-04-15 01:02:46 710FD0E362A1A5C087DB90C1BAC46411 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-04-15 01:02:38 1F8534A19A66275C863DE17645CB2A13 2767360 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-04-15 01:02:36 F220BA78AB542C70211D73AE4729B2CD 2260480 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-04-15 01:02:35 32417AE8280276968E5C551ED85D3525 1400832 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-04-15 01:02:32 1654093C8BD3342997D27B71684ACCE8 2043904 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-04-15 01:02:30 A14BB2F5F6457738AAA11367F5172A05 13551104 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-04-15 01:02:25 BF25489459C7A762DD7B3186C7E3984D 5784064 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-04-09 12:28:22 D2A513EE880D71BDE7F0257F38B9D019 1163264 ----a-w- C:\Windows\Sysnative\kernel32.dll 2014-04-09 12:28:22 2A107B611C91CD256466C58C0D776E9D 243712 ----a-w- C:\Windows\Sysnative\wow64.dll 2014-04-09 12:28:21 7434E01FBCA3CB86539C39412A31D5E1 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll 2014-04-09 12:28:19 74959C718FF4594369645F35B7DF19C4 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll 2014-04-09 12:28:19 0F090A77E664CB0F70AB8D3B230B760C 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll ====== C:\Windows\Sysnative\drivers ===== 2014-04-11 12:30:58 AD6D273E646B94BB6668C8CB439CFBD3 237840 ----a-w- C:\Windows\Sysnative\drivers\VBoxDrv.sys 2014-04-11 12:30:35 E5C140160617B2B0545B4051AA9507FF 120080 ----a-w- C:\Windows\Sysnative\drivers\VBoxUSBMon.sys 2014-04-09 12:28:26 B3222734D80013D2C73841B0C549FA63 27584 ----a-w- C:\Windows\Sysnative\drivers\Diskdump.sys 2014-04-09 12:28:26 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\Sysnative\drivers\storport.sys 2014-04-09 12:28:26 96BB922A0981BC7432C8CF52B5410FE6 274880 ----a-w- C:\Windows\Sysnative\drivers\msiscsi.sys 2014-04-09 12:28:10 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys ====== C:\Windows\Tasks ====== 2014-04-11 20:47:19 9FB5BB96E05938929DDE8E38558DED91 3974 ----a-w- C:\Windows\Sysnative\Tasks\User_Feed_Synchronization-{69ED1A07-8A91-49E4-BADF-C9B4969D530E} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-04-16 11:20:07 -------- d-----w- C:\Program Files\trend micro 2014-04-10 21:11:31 -------- d-----w- C:\Program Files\TAP-Windows 2014-04-10 21:11:01 -------- d-----w- C:\Program Files\CyberGhost 5 ======= C:\PROGRA~2 ===== 2014-04-16 13:47:53 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2014-04-11 23:05:39 -------- d-----w- C:\PROGRA~2\BlueStacks 2014-04-03 00:48:19 -------- d-----w- C:\PROGRA~2\Fluency ======= C: ===== ====== C:\Users\Eva\AppData\Roaming ====== 2014-04-16 13:42:21 -------- d-----r- C:\Users\Eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-04-16 13:35:02 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Locallow\Sun 2014-04-16 13:32:42 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\Sun 2014-04-13 17:11:54 -------- d-----w- C:\Users\M\AppData\Roaming\vlc 2014-04-11 23:04:20 -------- d-----w- C:\Users\Eva\AppData\Local\Bluestacks 2014-04-11 20:58:27 -------- d-----r- C:\Users\Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-04-11 20:46:12 DC66AE9F94A2EF71A5A8A5F4D35DCFD0 120600 ----a-w- C:\Users\Sophie\AppData\Local\GDIPFONTCACHEV1.DAT 2014-04-11 20:46:12 -------- d-----w- C:\Users\Sophie\AppData\Roaming\Intel Corporation 2014-04-11 20:46:08 -------- d-----w- C:\Users\Sophie\AppData\Roaming\Apple Computer 2014-04-11 20:46:05 -------- d-----w- C:\Users\Sophie\AppData\Local\BMExplorer 2014-04-11 20:45:52 -------- d-----w- C:\Users\Sophie\AppData\Roaming\Atheros 2014-04-11 20:45:52 -------- d-----w- C:\Users\Sophie\AppData\Local\Adobe 2014-04-11 20:45:15 -------- d-----w- C:\Users\Sophie\AppData\Roaming\Adobe 2014-04-11 20:45:09 -------- d-----r- C:\Users\Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-04-11 20:45:09 -------- d-----r- C:\Users\Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-04-11 20:45:04 -------- d-s---w- C:\Users\Sophie\AppData\Locallow\Microsoft 2014-04-11 20:44:54 -------- d-----w- C:\Users\Sophie\AppData\Roaming\Identities 2014-04-11 20:44:35 -------- d-----w- C:\Users\Sophie\AppData\Roaming\Sony Corporation 2014-04-11 20:43:50 -------- d-s---w- C:\Users\Sophie\AppData\Roaming\Microsoft 2014-04-11 20:43:50 -------- d-----w- C:\Users\Sophie\AppData\Roaming\Media Center Programs 2014-04-11 20:43:50 -------- d-----w- C:\Users\Sophie\AppData\Local\Temp 2014-04-11 20:43:50 -------- d-----w- C:\Users\Sophie\AppData\Local\Microsoft 2014-04-11 20:43:50 -------- d-----r- C:\Users\Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-04-11 20:43:50 -------- d-----r- C:\Users\Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-04-11 12:23:33 -------- d-----w- C:\Users\Eva\AppData\Local\Genymobile 2014-04-10 21:11:49 -------- d-----w- C:\Users\Eva\AppData\Local\CyberGhost 2014-04-03 00:48:02 -------- d-----w- C:\Users\Eva\AppData\Roaming\Fluency 2014-03-31 18:59:54 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google ====== C:\Users\Eva ====== 2014-04-16 13:21:35 C2DEA12D7175A2BF9908D0DF6E83BE40 921512 ----a-w- C:\Users\Eva\Downloads\chromeinstall-7u55.exe 2014-04-16 11:18:51 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Eva\Downloads\RSITx64.exe 2014-04-11 23:05:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 2014-04-11 23:05:39 -------- d-----w- C:\ProgramData\BlueStacks 2014-04-11 22:55:49 3312E1F82BA228DFE64B458AC453B536 10468704 ----a-w- C:\Users\Eva\Downloads\BlueStacks-SplitInstaller_native (4).exe 2014-04-11 20:45:09 -------- d-----r- C:\Users\Sophie\Searches 2014-04-11 20:44:49 -------- d-----r- C:\Users\Sophie\Contacts 2014-04-11 20:44:05 6FC234AD3752E1267B34FB12BCD6718B 20 --sha-w- C:\Users\Sophie\ntuser.ini 2014-04-11 20:43:50 -------- d--h--w- C:\Users\Sophie\AppData 2014-04-11 20:43:50 -------- d-----r- C:\Users\Sophie\Videos 2014-04-11 20:43:50 -------- d-----r- C:\Users\Sophie\Saved Games 2014-04-11 20:43:50 -------- d-----r- C:\Users\Sophie\Pictures 2014-04-11 20:43:50 -------- d-----r- C:\Users\Sophie\Music 2014-04-11 20:43:50 -------- d-----r- C:\Users\Sophie\Links 2014-04-11 20:43:50 -------- d-----r- C:\Users\Sophie\Favorites 2014-04-11 20:43:50 -------- d-----r- C:\Users\Sophie\Downloads 2014-04-11 20:43:50 -------- d-----r- C:\Users\Sophie\Documents 2014-04-11 20:43:50 -------- d-----r- C:\Users\Sophie\Desktop 2014-04-11 19:50:39 61B5FF50FB33B01EC6F3089FBBF32B4F 160216 ----a-w- C:\Users\Public\000000000523.jpg 2014-04-11 19:48:20 91B284EBABCB6F09803EBBFEAF0A1147 222511 ----a-w- C:\Users\Public\000000000324.jpg 2014-04-11 09:47:11 DF269B46E3D2BBB2A0333132E752AD31 123486848 ----a-w- C:\Users\Eva\Downloads\genymotion-2.2.0-vbox.exe 2014-04-11 01:00:18 11853FB95A884F16DEFB06FFD88AD16C 233098 ----a-w- C:\Users\Public\000000001413.jpg 2014-04-11 00:53:55 0560A1428492E5A12DEDBA2E0AF79787 102093 ----a-w- C:\Users\Public\000000000412.jpg 2014-04-11 00:47:23 9E79C832F1D847C2F7C3FA6E973C4C94 134145 ----a-w- C:\Users\Public\00000005324.jpg 2014-04-11 00:26:05 EB00985DF5B831CD5EE591E54A1C78F6 161643 ----a-w- C:\Users\Public\0000035.jpg 2014-04-11 00:25:51 8B375CD761D374DDB9C70A369A121F3C 354325 ----a-w- C:\Users\Public\00000523.jpg 2014-04-11 00:18:45 CF60B28C36AF8B95492F06AE92FC091A 195103 ----a-w- C:\Users\Public\00000004123.jpg 2014-04-11 00:16:48 33B23EE08A8C0D4779660132027200BB 89048 ----a-w- C:\Users\Public\000000008785.jpg 2014-04-11 00:14:40 7DDC3BCEB3DD24E14C992D685AF66452 53948 ----a-w- C:\Users\Public\000000245444.jpg 2014-04-11 00:12:53 A55E39DC413FB322E300540F32116F36 60427 ----a-w- C:\Users\Public\0000002454.jpg 2014-04-11 00:12:18 18FAB95480F0E8F802428B5EADF26E3B 124883 ----a-w- C:\Users\Public\00000002454.jpg 2014-04-11 00:11:29 4215D07CA49342379F0021A977267F4D 79893 ----a-w- C:\Users\Public\00000004512.jpg 2014-04-11 00:10:34 C8BFF5B367F03DCB69693D7A450E9297 269099 ----a-w- C:\Users\Public\00000001547.jpg 2014-04-11 00:10:04 4E0CEE2D0BEC47BDEE52DCE761928ECC 257141 ----a-w- C:\Users\Public\000000545.jpg 2014-04-11 00:09:28 F1C666C56376C2604B7FBB905EC04174 319641 ----a-w- C:\Users\Public\000000004554.jpg 2014-04-11 00:08:38 E9950FA5F583B5D826ABF35F8CCB5C11 220951 ----a-w- C:\Users\Public\000000012.jpg 2014-04-11 00:06:48 72B8A046FD06A13CE333F7858C9F47AF 211440 ----a-w- C:\Users\Public\000004555.jpg 2014-04-11 00:05:07 04A5383957CF35B0B89A135A6FE9EDC3 223696 ----a-w- C:\Users\Public\0000004.jpg 2014-04-11 00:03:17 22A9F9677BE592EF22D4F9A5D2D0E5EB 69842 ----a-w- C:\Users\Public\000002354.jpg 2014-04-10 23:32:46 F6FCADE905F9595D93EE3FA268C17230 53633 ----a-w- C:\Users\Public\00000003545.jpg 2014-04-10 23:29:06 CF1E5D6029C483560EA4A1151EC05831 87797 ----a-w- C:\Users\Public\000003545.jpg 2014-04-10 23:24:54 BBF3EAB738090E7A3ADC9774B46C383C 75561 ----a-w- C:\Users\Public\0000325455.jpg 2014-04-10 23:15:58 E86051B849E8D5790CA0DF356345A615 89873 ----a-w- C:\Users\Public\2401230000.jpg 2014-04-10 23:10:48 85C5D08CEFBBAA3978A78B18D19752C5 42196 ----a-w- C:\Users\Public\200014230000.jpg 2014-04-10 21:11:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5 2014-04-10 21:10:08 0DC4A3A22573EC825EDBC650827DD989 8617040 ----a-w- C:\Users\Eva\Downloads\cg5.exe 2014-04-09 23:38:12 46EF28CB59BCD41A8644F1F195F998A2 100711 ----a-w- C:\Users\Public\242131300000.jpg 2014-04-04 22:18:00 3312E1F82BA228DFE64B458AC453B536 10468704 ----a-w- C:\Users\Eva\Downloads\BlueStacks-SplitInstaller_native (3).exe 2014-04-03 00:47:21 D4AA4BBEB319FEC96B34DAF45420AC32 33020483 ----a-w- C:\Users\Eva\Downloads\FluencySetup.exe ====== C: exe-files == 2014-04-16 13:46:45 E53D6E485A0302A9C7D5E0D4D3E3C8B0 145832 ----a-w- C:\Program Files (x86)\Java\jre7\bin\unpack200.exe 2014-04-16 13:46:45 5EBBDE8E4FA26B4DC2477EEFC580BBEC 16808 ----a-w- C:\Program Files (x86)\Java\jre7\bin\tnameserv.exe 2014-04-16 13:46:42 F4DED4130A0104B6A4ED9844208F180F 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\servertool.exe 2014-04-16 13:46:42 A88ABFD096E23B5560667BDC05917566 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmiregistry.exe 2014-04-16 13:46:42 971C6733A1AF11192C378CC736F85DCC 49576 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ssvagent.exe 2014-04-16 13:46:42 6544D757CC478157D0B1A7752E51FE3B 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\policytool.exe 2014-04-16 13:46:42 2AAB5E6938B562D4A78C8DB5F8923142 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmid.exe 2014-04-16 13:46:42 11065E949C9640B42D0DE37CCF55F31C 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\pack200.exe 2014-04-16 13:46:41 1D512E4C00DDFC9D0D236E818991EF1B 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\orbd.exe 2014-04-16 13:46:39 DA6CB7FCDE22F46C2A792F67033AF20D 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ktab.exe 2014-04-16 13:46:39 29869351791BADAC5BF5647F2E3FCA2E 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\klist.exe 2014-04-16 13:46:38 EB80B1148FF046F466D1C671AF75D559 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\keytool.exe 2014-04-16 13:46:38 9E7CB10B1373D7172AE87D597AC58C24 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\kinit.exe 2014-04-16 13:46:38 45A663489E1A24FE3696F689178C1041 182696 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jqs.exe 2014-04-16 13:46:37 068C8B4DD85CA47817BECD77F07110EC 52648 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe 2014-04-16 13:46:35 7EAB131EBF08F0E9E64C96285BD7D493 264616 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaws.exe 2014-04-16 13:46:35 76C9EFEA16CF2FAD41F6D6A37707A28B 68008 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javacpl.exe 2014-04-16 13:46:35 26A414A2B7FC8AA5475CADB1189F1D02 175528 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaw.exe 2014-04-16 13:46:33 479099423E3058D55F1682F3330F9AA8 175016 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java.exe 2014-04-16 13:46:32 F82ACDE93EC413733A4BE85BB34BEC14 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java-rmi.exe 2014-04-16 13:46:32 60050CE9D89F59C0FE53C74BC78E6655 48040 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jabswitch.exe 2014-04-16 13:45:03 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\Eva\AppData\LocalLow\Sun\Java\jre1.7.0_55\lzma.exe 2014-04-16 11:20:08 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Eva.exe 2014-04-15 01:03:37 F972DDD19A10F53D74021DDEAC07CCA6 470016 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2014-04-15 01:03:37 E0155A11B26C7D5347069AB7ACB62D02 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2014-04-15 01:03:37 C5C7E33308BAE18BD9F59F9A93E85D33 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-04-15 01:03:37 BEA4E0C0BA936E8A3DB24D1A37BF70BE 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2014-04-15 01:02:34 EA8386CA87165460D39A1D29FF11080B 809680 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-04-15 01:02:33 0667ED9F8E905E1F73DB60ACCEDCBCA7 811728 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2014-04-13 17:06:50 8FAE9109245E4B4FF42704ECFB86F1B6 8704216 ----a-w- C:\Users\M\AppData\Local\Google\Update\Install\{94A3B028-F4C1-47D4-A67F-14DCEBAA6F33}\34.0.1847.116_33.0.1750.154_chrome_updater.exe 2014-04-13 17:06:50 8FAE9109245E4B4FF42704ECFB86F1B6 8704216 ----a-w- C:\Users\M\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\34.0.1847.116\34.0.1847.116_33.0.1750.154_chrome_updater.exe 2014-04-13 00:30:36 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Eva\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EOWSJVXG\SkypeSetupFull[1].exe 2014-04-11 08:06:48 8FAE9109245E4B4FF42704ECFB86F1B6 8704216 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\34.0.1847.116\34.0.1847.116_33.0.1750.154_chrome_updater.exe 2014-04-10 21:11:40 946D1AE94B07B8772CF96E6C7575B847 83823 ----a-w- C:\Program Files\TAP-Windows\Uninstall.exe 2014-04-10 21:11:09 F2EF80DEF6399F417CF568BFD927CAF8 78960 ----a-w- C:\Program Files\CyberGhost 5\Data\Tools\nvspbind.exe 2014-04-10 21:11:09 8520FF818F32A228FA041738925E4DF3 831088 ----a-w- C:\Program Files\CyberGhost 5\Data\Tools\nwchelper.exe 2014-04-10 21:11:07 AC9B2624EF366742C9AD32B86225A251 240536 ----a-w- C:\Program Files\CyberGhost 5\Data\OpenVPN\tap-windows_64.exe 2014-04-10 21:11:07 37D2766BE15FF4AC3F51B3BE54A3826B 572016 ----a-w- C:\Program Files\CyberGhost 5\Data\Tools\FirewallHelper.exe 2014-04-10 21:11:07 0AA0E61A2D73A073C340B2C9288B5FAC 109680 ----a-w- C:\Program Files\CyberGhost 5\Data\Tools\certutil.exe 2014-04-10 21:11:06 AC9B2624EF366742C9AD32B86225A251 240536 ----a-w- C:\Program Files\CyberGhost 5\Data\OpenVPN\tap-windows.exe 2014-04-10 21:11:06 8A19EA5B41FD53F1A94C5BD649A14F14 676152 ----a-w- C:\Program Files\CyberGhost 5\Data\OpenVPN\openvpn.exe 2014-04-10 21:11:05 9455658E61E9575C45EACF4C4D8E54AE 850000 ----a-w- C:\Program Files\CyberGhost 5\Data\OpenVPN\openssl.exe 2014-04-10 21:11:02 FF02D4FDA4C93C1FFC53BC1F1A5D515C 56944 ----a-w- C:\Program Files\CyberGhost 5\makecert.exe 2014-04-10 21:11:02 8AFD2016FAE695848E856558D9908F26 358000 ----a-w- C:\Program Files\CyberGhost 5\CyberGhost.exe 2014-04-10 21:11:02 7B4AA3F4435950130BC0D9AC6F32DF36 64112 ----a-w- C:\Program Files\CyberGhost 5\Service.exe 2014-04-10 21:11:02 37C753D5AB2DBA14E7B7E1DC56B87C27 445352 ----a-w- C:\Program Files\CyberGhost 5\wyUpdate.exe 2014-04-10 21:11:01 4751A7921A89A4DC0A687C8FCE8168AD 1206896 ----a-w- C:\Program Files\CyberGhost 5\unins000.exe === C: other files == 2014-04-16 13:46:46 D89A382292CB7F22CD29D6E5D9A41CBF 18714 ----a-w- C:\Program Files (x86)\Java\jre7\lib\deploy\ffjcext.zip 2014-04-12 20:45:10 51C5B9E76D4E75FEDEA5B645BE258E5F 626596 ----a-w- C:\Users\Eva\Downloads\000046.zip 2014-04-11 12:30:58 AD6D273E646B94BB6668C8CB439CFBD3 237840 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys 2014-04-11 12:30:35 E5C140160617B2B0545B4051AA9507FF 120080 ----a-w- C:\Windows\System32\drivers\VBoxUSBMon.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2228631165-3998470846-3821302975-1000\Software\Microsoft\Windows\CurrentVersion\Run] "EA Core"="C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent" "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun" "ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler" "Sidebar"="C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun" "CyberGhost"="C:\Program Files\CyberGhost 5\CyberGhost.EXE /autostart /min" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "ISBMgr.exe"="C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" "CanonSolutionMenuEx"="C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon" "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW" "SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" "AdobeCS5ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe -launchedbylogin" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "BlueStacks Agent"="C:\Program Files (x86)\BlueStacks\HD-Agent.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "EA Core"="C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent" "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun" "ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler" "Sidebar"="C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun" "CyberGhost"="C:\Program Files\CyberGhost 5\CyberGhost.EXE /autostart /min" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "cAudioFilterAgent"="C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" "AtherosBtStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" "AthBtTray"="C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" "CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "Apoint"="%ProgramFiles%\Apoint\Apoint.exe " ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Reader Speed Launcher" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msnmsgr" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Zebra Status Monitor.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Zebra Status Monitor.lnk" "backup"="C:\\Windows\\pss\\Zebra Status Monitor.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\ZEBRAT~1\\STATUS~1\\STATUS~1\\STATUS~1.EXE " "item"="Zebra Status Monitor" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [16-03-2014 02:52] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [16-03-2014 02:52] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2228631165-3998470846-3821302975-1001Core.job --a------ C:\Users\M\AppData\Local\Google\Update\GoogleUpdate.exe [12-08-2012 16:59] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2228631165-3998470846-3821302975-1001UA.job --a------ C:\Users\M\AppData\Local\Google\Update\GoogleUpdate.exe [12-08-2012 16:59] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Eva-VAIO-Eva" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2228631165-3998470846-3821302975-1001Core" [C:\Users\M\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2228631165-3998470846-3821302975-1001UA" [C:\Users\M\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{69ED1A07-8A91-49E4-BADF-C9B4969D530E}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{6A6C2477-4808-46E9-9FF8-343E0FA9B9D1}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{E3BC2BF4-8EED-44A2-B7FE-81EC1A6913C4}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{A5DF4552-4FE1-4E44-BA8A-2D2BAF654892}" ["c:\users\Eva\appdata\local\google\chrome\application\chrome.exe"] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\Windows\SysNative\tasks\SONY\VAIO Gate\StartExecuteProxy" ["%programfiles%\Sony\VAIO Gate\ExecutionProxy.exe"] "C:\Windows\SysNative\tasks\SONY\VAIO Gate\VAIO Gate" [C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VAIO Care" ["%ProgramFiles%\Sony\VAIO Care\VCsystray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VCOneClick" ["%ProgramFiles%\Sony\VAIO Care\VCOneClick.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader" [C:\Program Files\Sony\VAIO Improvement\viuploader.exe] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation" [C:\Program Files\Sony\VAIO Improvement Validation\viv.exe] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start" [C:\Program Files\Sony\VAIO Smart Network\VSNClient] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Update\VAIO Update 5" ["C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe"] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"="C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5" [14-04-2012 02:33] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bkidpdfiogmbfogbadljpeeljpildncm - C:\Users\Eva\AppData\Local\Temp\ccex.crx[] bpegkgagfojjbcpkihigfmkojdmmimdf - No path found[] ehgldbbpchgpcfagfpfjgoomddhccfgh - No path found[] nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[12-12-2011 15:13] Google Docs - M\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - M\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - M\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - M\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - M\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda DivX Plus Web Player HTML5 \u003Cvideo> - M\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm Gmail - M\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Docs - Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf AdBlock - Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Google Wallet - Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda DivX Plus Web Player HTML5 \u003Cvideo> - Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm Gmail - Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_android.nl.softonic.com_0.localstorage deleted successfully C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_android.nl.softonic.com_0.localstorage-journal deleted successfully C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.softonic.com_0.localstorage deleted successfully C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.softonic.com_0.localstorage-journal deleted successfully C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_virtualbox.en.softonic.com_0.localstorage deleted successfully C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_virtualbox.en.softonic.com_0.localstorage-journal deleted successfully C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_windowsandroid.nl.softonic.com_0.localstorage deleted successfully C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_windowsandroid.nl.softonic.com_0.localstorage-journal deleted successfully C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_windroy.nl.softonic.com_0.localstorage deleted successfully C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_windroy.nl.softonic.com_0.localstorage-journal deleted successfully C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_youwave.en.softonic.com_0.localstorage deleted successfully C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_youwave.en.softonic.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="http://vaioportal.sony.eu" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {A40DFBD4-F867-40B9-837E-F55DCD40A492} eBay Url="http://rover.ebay.com/rover/1/1346-81661-16445-14/4?mpre=http://shop.ebay.nl/?oemInLn=ieSrch-Q311&_nkw={searchTerms}" {C4FE8C63-43E9-42D0-80C8-2CA49E4462F4} Zinio Url="http://services.zinio.com/search?s={searchTerms}&rf=sonyslices" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2228631165-3998470846-3821302975-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully HKEY_USERS\S-1-5-21-2228631165-3998470846-3821302975-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully HKEY_CLASSES_ROOT\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bkidpdfiogmbfogbadljpeeljpildncm deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\M\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\M\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\M\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Eva\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Eva\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Sophie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Eva\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EJXHVY3I will be deleted at reboot C:\Users\Eva\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWVKNX2R will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=46 folders=13 24214775 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\M\AppData\Local\Temp emptied successfully C:\Users\Eva\AppData\Local\Temp will be emptied at reboot C:\Users\Sophie\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Eva\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Eva\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EJXHVY3I" not found "C:\Users\Eva\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWVKNX2R" not found ==== EOF on wo 16-04-2014 at 16:27:26,58 ======================