Zoek.exe v5.0.0.0 Updated 14-April-2014 Tool run by Nikki on di 06/05/2014 at 9:25:33,63. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Nikki\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 6/05/2014 9:28:03 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\log deleted successfully C:\Program Files\Symantec deleted successfully C:\Program Files\WinRAR deleted successfully C:\PROGRA~3\iolo deleted successfully C:\Users\Nikki\AppData\Roaming\TP deleted successfully C:\Users\Nikki\AppData\Local\CrashDumps deleted successfully C:\Users\Nikki\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2503392224-2008201579-3980033211-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_USERS\S-1-5-21-2503392224-2008201579-3980033211-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully ==== Running Processes ====================== C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Windows\SysWOW64\DllHost.exe C:\Windows\SysWOW64\DllHost.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\Nikki\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Nikki\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Nikki\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Nikki\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Nikki\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe C:\Program Files\Sony\VAIO Care\listener.exe C:\Users\Nikki\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\Sony\VAIO Care\VCService.exe C:\Users\Nikki\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] ==== Deleting Files \ Folders ====================== C:\Windows\Syswow64\sho4A11.tmp deleted C:\Windows\Syswow64\shoBD38.tmp deleted C:\Windows\SysWow64\AI_RecycleBin deleted "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" deleted "C:\Program Files (x86)\Microsoft\BingBar" not deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 3690 MB CPU Info: AMD E2-1800 APU with Radeon(tm) HD Graphics CPU Speed: 1713,5 MHz Sound Card: Speaker/HP (Realtek High Defini | Display Adapters: AMD Radeon HD 7300 Series Graphics | AMD Radeon HD 7300 Series Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Atheros AR9485WB-EG Wireless Network Adapter | Realtek PCIe GBE Family Controller | Bluetooth Device (Personal Area Network) CD / DVD Drives: No optical drives found. Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 447,8GB | Q: 0,0MB Hard Disks - Free: C: 385,7GB | Q: 0,0MB Manufacturer *: Insyde Corp. BIOS Info: AT/AT COMPATIBLE | 05/22/12 | Sony - 20120522 Time Zone: West-Europa (standaardtijd) Motherboard *: Sony Corporation VAIO Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Norton Internet Security On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Norton Internet Security disabled (Outdated) Firewall: Norton Internet Security disabled Default Browser: Google Chrome 34.0.1847.131 Internet Explorer Version: 11.0.9600.17105 Google Chrome version: 34.0.1847.131 Adobe Reader version: 10.0.0.396 Flash Player version: 13.0.0.206 Shockwave Player version: 11.6.8r638 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Nikki\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-05-05 09:05:57 5869FBC754578A59C8C8635B99DB79DE 17384448 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-05-05 09:05:57 2518D1922371892ADEF1F07147DBD72A 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-04-30 17:01:54 AA12D7A960DB78DD9690AB5B5DAE6586 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-04-30 17:01:49 CE6921D33682C6C3DB8A45853CC69402 455168 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-04-30 17:01:14 7E9FE7DB43BC204E44F159F843E35C15 367616 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-04-30 17:01:13 EDACA6C44D9CE200F899B7DB0F201DFF 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-04-30 17:01:13 34FC79C948EE2C5FD0CD699E7D7F91B7 244224 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-04-30 17:01:12 EBC35FE64056910A84485BEEB6DCCAC6 524288 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-04-30 17:01:12 31385A6CAA31BE9D07B0B32E5AA99ABB 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-04-30 17:01:11 82287FCFFA4A2D60FD744E3FEB3192C5 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-04-30 17:01:11 21BF6759685FD193715B483F2B3F21B1 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-04-30 17:01:10 0FDC1A576A3F40420882C0F7C4A66EAD 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-04-30 17:01:08 C9CA9803299EB6AFA34CB520BAAB083D 32256 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-04-30 17:01:01 6557B48D53D653CFCCE3CB1CFA53A8E1 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-04-30 17:01:01 0F4A295516781897FFB09B4CCF2E8798 592896 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-04-30 17:00:57 BB185D4A9362AA17CBCEC0768CDBF249 704512 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-04-30 16:27:52 E4E829EE073E046B0EB19B5FECB19B8C 1789440 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-04-30 16:27:52 05BD47136DE62FAFE9F95B40E4100144 2178048 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-04-30 16:27:51 C4A383FD50FBD7E274DD41CF571DF898 1967104 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-04-30 16:27:51 76F58DB8F85C125E0D6B3AA42F3BF1D0 1143808 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-04-30 16:27:47 2AFBB91BBD2378933B26E6D68C140D1B 11745792 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-04-30 16:27:44 8C46360D6EF9D4C563FE834C4F287DA3 4254720 ----a-w- C:\Windows\SysWOW64\jscript9.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-05-05 09:05:59 A98DA2EC1E56CF52C682D072F77D9874 23547904 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-05-05 09:05:57 DE5DE05946D6FC2DC494C55BC7BC4C6E 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-04-30 17:01:55 7446786E7092ABE122D372F95E6ED74B 574976 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-04-30 17:01:49 FFF555C177D9F2B79B5C3146BED09FB1 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-04-30 17:01:28 D6067F7EE060C5D6D79008AD591B4E3B 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-04-30 17:01:28 3F498856C68725717195C16568FE19D0 586240 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-04-30 17:01:27 964C89BC8A52A260D68C90FDDEB862E2 38400 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-04-30 17:01:27 72116CC377FF4281B0132C397026D911 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-04-30 17:01:14 E0D95345D1EBB54F28E958782B9C0CE0 453120 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-04-30 17:01:14 CFBA793F678EB3855052ECF99357A9A1 296960 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-04-30 17:01:14 3F547245C78F4847B73EDDFD4A2F7E12 752640 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-04-30 17:01:13 E7161E2C66FF9B1E87C30FC9D2497ABB 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-04-30 17:01:12 CB57E934280D346AE0A9B053DAA284C5 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-04-30 17:01:12 75AD355828187145A60E3DC7BAF7B0F3 628736 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-04-30 17:01:11 1BF215FF4DF6DE10D2F81A2CE85157D2 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-04-30 17:01:10 A3F9A9E46BDDBB8B20B7CF3EEDB990F2 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-04-30 16:28:03 EBAD8A4D048ED257E4A45F6356541F86 846336 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-04-30 16:28:02 915D8A9E112C97C90C654F792B6B28B9 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-04-30 16:28:00 A3A132CBE48AF0324466469F2CAAE8A2 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-04-30 16:27:59 710FD0E362A1A5C087DB90C1BAC46411 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-04-30 16:27:52 1F8534A19A66275C863DE17645CB2A13 2767360 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-04-30 16:27:51 F220BA78AB542C70211D73AE4729B2CD 2260480 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-04-30 16:27:51 32417AE8280276968E5C551ED85D3525 1400832 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-04-30 16:27:49 1654093C8BD3342997D27B71684ACCE8 2043904 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-04-30 16:27:48 A14BB2F5F6457738AAA11367F5172A05 13551104 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-04-30 16:27:45 BF25489459C7A762DD7B3186C7E3984D 5784064 ----a-w- C:\Windows\Sysnative\jscript9.dll ====== C:\Windows\Sysnative\drivers ===== 2014-04-10 10:49:47 B3222734D80013D2C73841B0C549FA63 27584 ----a-w- C:\Windows\Sysnative\drivers\Diskdump.sys 2014-04-10 10:49:47 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\Sysnative\drivers\storport.sys 2014-04-10 10:49:47 96BB922A0981BC7432C8CF52B5410FE6 274880 ----a-w- C:\Windows\Sysnative\drivers\msiscsi.sys 2014-04-10 10:49:40 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-05-05 12:43:02 -------- d-----w- C:\Program Files\trend micro 2014-04-22 17:43:36 -------- d-----w- C:\Program Files\Defraggler ======= C:\PROGRA~2 ===== ======= C: ===== 2014-04-21 13:27:04 D46D074B8BF3F42AB0820C49AD760823 426 ----a-w- C:\AVScanner.ini ====== C:\Users\Nikki\AppData\Roaming ====== 2014-05-05 16:27:45 -------- d-----w- C:\Users\Nikki\AppData\Local\Windows Live 2014-04-22 15:26:01 -------- d-----r- C:\Users\Nikki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-04-21 12:28:47 -------- d-----w- C:\Users\Nikki\AppData\Roaming\Sony 2014-04-21 12:23:52 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Locallow\Sun ====== C:\Users\Nikki ====== 2014-05-05 12:50:08 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Nikki\Downloads\RSITx64 (2).exe 2014-05-05 12:48:01 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Nikki\Downloads\RSITx64 (1).exe 2014-05-05 12:42:34 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Nikki\Desktop\RSITx64.exe 2014-05-04 18:45:13 F06CB0D234C5FC52F4AFC4D81BDFF3C4 102576920 ----a-w- C:\Users\Nikki\Downloads\msert.exe 2014-04-22 17:43:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler 2014-04-22 17:41:40 5028642A01C7D6EA50AA4BD5276819F4 4362512 ----a-w- C:\Users\Nikki\Downloads\dfsetup218.exe 2014-04-22 17:36:49 B8633D85CB1590AF7F2C4F14533869D1 1241136 ----a-w- C:\Users\Nikki\Downloads\solutoinstaller.exe ====== C: exe-files == 2014-05-05 12:50:08 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Nikki\Downloads\RSITx64 (2).exe 2014-05-05 12:48:01 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Nikki\Downloads\RSITx64 (1).exe 2014-05-05 12:43:03 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Nikki.exe 2014-05-05 12:42:34 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Nikki\Desktop\RSITx64.exe 2014-05-04 18:45:13 F06CB0D234C5FC52F4AFC4D81BDFF3C4 102576920 ----a-w- C:\Users\Nikki\Downloads\msert.exe 2014-04-30 17:01:39 F972DDD19A10F53D74021DDEAC07CCA6 470016 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2014-04-30 17:01:39 E0155A11B26C7D5347069AB7ACB62D02 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2014-04-30 17:01:39 C5C7E33308BAE18BD9F59F9A93E85D33 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-04-30 17:01:39 BEA4E0C0BA936E8A3DB24D1A37BF70BE 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2014-04-30 17:01:28 3F498856C68725717195C16568FE19D0 586240 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-04-30 17:01:11 21BF6759685FD193715B483F2B3F21B1 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-04-30 17:01:11 1BF215FF4DF6DE10D2F81A2CE85157D2 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-04-30 16:28:00 A3A132CBE48AF0324466469F2CAAE8A2 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-04-30 16:27:59 710FD0E362A1A5C087DB90C1BAC46411 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2014-04-30 16:27:51 EA8386CA87165460D39A1D29FF11080B 809680 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-04-30 16:27:51 0667ED9F8E905E1F73DB60ACCEDCBCA7 811728 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2014-04-29 18:05:08 79CACA103DA5AB8EBED082503615CD37 1119448 ----a-w- C:\Users\Nikki\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\34.0.1847.131\34.0.1847.131_34.0.1847.116_chrome_updater.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2503392224-2008201579-3980033211-1002\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~2\\Citrix\\ICACLI~1\\RSHook.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Reader Speed Launcher" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AthBtTray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AthBtTray" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Bluetooth Suite\\AthBtTray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AtherosBtStack] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AtherosBtStack" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Bluetooth Suite\\BtvStack.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\beid] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="beid" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Belgium Identity Card\\beid35gui.exe\" /startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Cisco AnyConnect Secure Mobility Agent for Windows] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Cisco AnyConnect Secure Mobility Agent for Windows" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Cisco\\Cisco AnyConnect Secure Mobility Client\\vpnui.exe\" -minimized" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CitrixReceiver] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CitrixReceiver" "hkey"="HKLM" "command"="\"C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Citrix\\Receiver Updater.lnk\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ConnectionCenter] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ConnectionCenter" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Citrix\\ICA Client\\concentr.exe\" /startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Google Update" "hkey"="HKCU" "command"="\"C:\\Users\\Nikki\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ISBMgr.exe] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ISBMgr.exe" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Sony\\ISB Utility\\ISBMgr.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msnmsgr" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVBg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RtHDVBg" "hkey"="HKLM" "command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVBg64.exe /SONYAPO " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify" "hkey"="HKCU" "command"="\"C:\\Users\\Nikki\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify Web Helper" "hkey"="HKCU" "command"="\"C:\\Users\\Nikki\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Nikki^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk] "path"="C:\\Users\\Nikki\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\EvernoteClipper.lnk" "backup"="C:\\Windows\\pss\\EvernoteClipper.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~2\\Evernote\\Evernote\\EVERNO~2.EXE " "item"="EvernoteClipper" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [29/04/2014 21:09] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2503392224-2008201579-3980033211-1002Core.job --a------ C:\Users\Nikki\AppData\Local\Google\Update\GoogleUpdate.exe [23/08/2012 16:01] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2503392224-2008201579-3980033211-1002UA.job --a------ C:\Users\Nikki\AppData\Local\Google\Update\GoogleUpdate.exe [23/08/2012 16:01] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2503392224-2008201579-3980033211-1002Core" [C:\Users\Nikki\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2503392224-2008201579-3980033211-1002UA" [C:\Users\Nikki\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe"] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{0FDEF0F4-C3E0-4F6F-856A-1BE1ECBF6249}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\VHDInformationCheck" ["%ProgramFiles(x86)%\Sony\VAIO Recovery\plugins\InformationCheck.exe"] "C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe] "C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\Windows\SysNative\tasks\Sony Corporation\Sony Home Network Library\SOHLib TaskTray" [C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\AutoCheckMessage" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\CRMReminder" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VAIO Care" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VAU" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VCCheckIolo" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VCMetrics" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VCOneClick" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Control Center\Level4Daily" [C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Control Center\Level4Month" [C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Gate\StartExecuteProxy" ["%programfiles%\Sony\VAIO Gate\ExecutionProxy.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Gate\VAIO Gate" [C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask" [C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem" [C:\Program Files\Sony\VAIO Improvement\vim.exe] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser" [C:\Program Files\Sony\VAIO Improvement\vim.exe] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader" [C:\Program Files\Sony\VAIO Improvement\viuploader.exe] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation" [C:\Program Files\Sony\VAIO Improvement Validation\viv.exe] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Personalization Manager\VpmLM Task Music Nikki" [C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Power Management\VPM Logon Start" [C:\Program Files\Sony\VAIO Power Management\SPMgr.exe] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Power Management\VPM Session Change" [C:\Program Files\Sony\VAIO Power Management\SPMgr.exe] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Power Management\VPM Unlock" [C:\Program Files\Sony\VAIO Power Management\SPMgr.exe] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start" [net] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\Exts\Chrome.crx[03/02/2014 08:42] AdBlock - Nikki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Norton Identity Protection - Nikki\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Google Wallet - Nikki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Google Docs - TEMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - TEMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - TEMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - TEMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Norton Identity Protection - TEMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Google Wallet - TEMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - TEMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" "Default_Page_URL"="http://vaioportal.sony.eu" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.be/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {62CEA9F2-04B5-4332-8CB7-ADEC782E6ADE} eBay Url="http://rover.ebay.com/rover/1/1553-42507-16445-59/4?mpre=http://shop.benl.ebay.be/?oemInLn=ieSrch-Q212&_nkw={searchTerms}" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\beid deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O20 - AppInit_DLLs: C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe O23 - Service: Bing Bar Update Service (BBSvc) - Unknown owner - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (file missing) O23 - Service: BBUpdate - Unknown owner - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (file missing) O23 - Service: DCDhcpService - Atheros Communication Inc. - C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - Unknown owner - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update Common\VUAgent.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Nikki\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\TEMP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\TEMP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Nikki\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\33012QQ0 will be deleted at reboot C:\Users\Nikki\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KAQMK0AW will be deleted at reboot C:\Users\Nikki\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YYURHE1X will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Nikki\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3959 folders=1167 22475331 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Nikki\AppData\Local\Temp will be emptied at reboot C:\Users\TEMP\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Nikki\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files (x86)\Microsoft\BingBar" not found "C:\Users\Nikki\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\33012QQ0" not found "C:\Users\Nikki\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KAQMK0AW" not found "C:\Users\Nikki\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YYURHE1X" not found ==== EOF on di 06/05/2014 at 10:13:01,18 ======================