Zoek.exe v5.0.0.0 Updated 05-July-2014 Tool run by Flore on di 08/07/2014 at 15:18:43,31. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Flore\Downloads\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2014-07-08-120308.log 73925 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe C:\Windows\SysWOW64\DllHost.exe C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe C:\Program Files (x86)\Citrix\ICA Client\concentr.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files\Sony\VAIO Care\VCService.exe C:\Program Files\Sony\VAIO Care\listener.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Flore\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AVG Security Toolbar Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\AVG Security Toolbar Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Boonty Games deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Boonty Games deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\McAfee SiteAdvisor Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\McAfee SiteAdvisor Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\McComponentHostServiceSony deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\McComponentHostServiceSony deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MarketingTools"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "AvgUninstallURL"=- ==== Deleting Files \ Folders ====================== C:\ProgramData\AskPartnerNetwork not found C:\Program Files (x86)\Common Files\BOONTY Shared deleted C:\Users\Flore\Searches deleted "C:\Users\Flore\Downloads\RSITx64 (2).exe" deleted "C:\Users\Flore\Downloads\RSITx64 (1).exe" deleted "C:\Users\Flore\Downloads\Setup (2).exe" deleted "C:\Users\Flore\Downloads\Setup (1).exe" deleted "C:\Users\Flore\Downloads\F-SecureOnlineScanner (2).exe" deleted "C:\Users\Flore\Downloads\F-SecureOnlineScanner (1).exe" deleted "C:\Users\Flore\Downloads\PandaCloudCleaner (1).exe" deleted ==== Folders Found In C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 ====================== 2014-06-15 09:29:43 d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64 2014-06-15 09:29:43 d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\x64 ==== Files Found In C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 ====================== 2012-08-21 11:01:20 106928 ----a-w- 498BD12B38B549887D9E856EB734354E C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\GEARAspi.dll 2012-08-21 11:01:20 125872 ----a-w- 5C7B8533FEC9E65368D14965EC4C9D8A C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\GEARAspi64.dll 2012-08-21 11:01:20 131544 ----a-w- F6E8C0D5EC7A8D223F3BA3436701DCBD C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\DifXInst64.exe 2012-08-21 11:01:20 2561 ----a-w- 834C766FE011C0090FB4DAF6279A8DF4 C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\GEARAspiWDM.inf 2012-08-21 11:01:20 33240 ----a-w- 8E98D21EE06192492A5671A6144D092F C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\x64\GEARAspiWDM.sys 2012-08-21 11:01:20 519048 ----a-w- 1A2E5109C2BB5C68D499E17B83ACB73A C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\DIFxAPI.dll 2012-08-21 11:01:20 7638 ----a-w- C7E5945B9C608A2A23E97425A5B91415 C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\gearaspiwdmx64.cat 2012-08-21 11:01:28 1977816 ----a-w- 85E85B5BC75B0D712FEDB5633E1D2AFB C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\GEARDIFx.exe 2014-06-15 09:29:46 4842 ----a-w- 48E3EA535649694BF4FE9728EE71CE6D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\DIFxInstallLog.txt ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 3951 MB CPU Info: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz CPU Speed: 2261.2 MHz Sound Card: Speaker/HP (Realtek High Defini | Display Adapters: ATI Mobility Radeon HD 5650 | ATI Mobility Radeon HD 5650 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Marvell Yukon 88E8059 PCI-E Gigabit Ethernet Controller | Atheros AR9285 Wireless Network Adapter CD / DVD Drives: 1x (F: | ) F: Optiarc DVD RW AD-7700H Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 2 Button Wheel Mouse Present Hard Disks: C: 455.0GB Hard Disks - Free: C: 355.4GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 09/23/09 | Sony - 20100126 Time Zone: Romance Standard Time Motherboard *: Sony Corporation VAIO Country: Belgium Language: NLB ==== System Specs (Software) ====================== Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: avast! Antivirus disabled (Outdated) Internet Explorer Version: 11.0.9600.17126 Google Chrome version: 35.0.1916.153 Adobe Reader version: 10.1.10.18 Sun Java version: 1.7.0_60 (32-bit) Flash Player version: 14.0.0.125 Shockwave Player version: 12.0r112 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-07-05 14:58:07 357CEBBCD99C8928A2D1A61A6CACC168 43152 ----a-w- C:\Windows\avastSS.scr 2014-06-20 10:41:45 09E5A1F24A533D20228695C8CE3574D3 21 ----a-w- C:\Windows\Model.txt ====== C:\Users\Flore\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== 2014-06-18 08:42:52 C067D1989D3CED638C3821CF866AA848 19968 ------r- C:\Windows\SysWOW64\drivers\RtsUIr.sys 2014-06-18 08:42:52 5C62508A344A2A13F6A7A85286AE8F62 50176 ------r- C:\Windows\SysWOW64\drivers\RtsUCcid.sys ====== C:\Windows\Sysnative ===== 2014-07-05 14:58:21 B46B41CE922CE5B7B055A28226DE2D79 307344 ----a-w- C:\Windows\Sysnative\aswBoot.exe ====== C:\Windows\Sysnative\drivers ===== 2014-07-05 14:58:27 B8FDEDE963B82CFD23B3A53A3084666D 1041168 ----a-w- C:\Windows\Sysnative\drivers\aswSnx.sys 2014-07-05 14:58:27 48DED912CDE54FC0923B9858512366E1 92008 ----a-w- C:\Windows\Sysnative\drivers\aswStm.sys 2014-07-05 14:58:27 471A311745848B80339436688A8286E6 224896 ----a-w- C:\Windows\Sysnative\drivers\aswVmm.sys 2014-07-05 14:58:26 FF1E537A3632CBB9A0BF72B9FD0878D5 79184 ----a-w- C:\Windows\Sysnative\drivers\aswMonFlt.sys 2014-07-05 14:58:26 D95E64416A4A3ED6986E0F474DA934BD 29208 ----a-w- C:\Windows\Sysnative\drivers\aswHwid.sys 2014-07-05 14:58:26 645D97385F3F284FB5604F9B970F4D24 65776 ----a-w- C:\Windows\Sysnative\drivers\aswRvrt.sys 2014-07-05 14:58:26 0DEDC041DF594AEC2C3BD00417CFAF60 427360 ----a-w- C:\Windows\Sysnative\drivers\aswsp.sys 2014-07-05 14:58:25 A5757DE5F9C83AB40667A53D5126EA40 93568 ----a-w- C:\Windows\Sysnative\drivers\aswRdr2.sys 2014-06-20 12:43:59 E9981ECE8D894CEF7038FD1D040EB426 56832 ----a-w- C:\Windows\Sysnative\drivers\TsUsbFlt.sys 2014-06-20 10:27:09 05A0C2744CEAC6F1B723EC469B650EF0 47632 ----a-w- C:\Windows\Sysnative\drivers\PSKMAD.sys 2014-06-18 08:48:41 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf 2014-06-11 12:37:36 17F685B67C74B8F7BFED4308790B71DE 288192 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS 2014-06-11 12:37:36 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys ====== C:\Windows\Tasks ====== 2014-07-05 15:00:42 8A1D2788F84BE7169905BDB1182E002D 4182 ----a-w- C:\Windows\Sysnative\Tasks\avast! Emergency Update 2014-06-20 10:46:12 C114E5A34BAE66D843524BE91CC25FB8 3152 ----a-w- C:\Windows\Sysnative\Tasks\{7646674F-F251-4DCD-9FAD-2D1D504033B1} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-07-08 09:55:23 -------- d-----w- C:\Program Files\trend micro 2014-06-15 09:28:41 -------- d-----w- C:\Program Files\iPod 2014-06-15 09:28:40 -------- d-----w- C:\Program Files\iTunes ======= C:\PROGRA~2 ===== 2014-07-04 20:26:12 -------- d-----w- C:\PROGRA~2\VideoLAN 2014-06-19 16:05:58 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype 2014-06-18 08:53:51 -------- d-----w- C:\PROGRA~2\Belgium Identity Card 2014-06-15 17:07:18 -------- d-----w- C:\PROGRA~2\MetaGeek 2014-06-09 16:05:25 -------- d-----w- C:\PROGRA~2\COMMON~1\Java ======= C: ===== ====== C:\Users\Flore\AppData\Roaming ====== 2014-07-08 11:59:28 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2014-07-08 11:59:28 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-07-08 11:59:28 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-07-08 11:59:28 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2014-07-08 11:59:27 -------- d-----w- C:\Users\Flore\AppData\Local\Temp 2014-07-06 19:36:28 -------- d-----w- C:\Users\Flore\AppData\Roaming\vlc 2014-07-05 15:09:31 -------- d-----w- C:\Users\Flore\AppData\Roaming\DropboxMaster 2014-07-05 15:09:20 -------- d-----w- C:\Users\Flore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-07-05 15:07:32 -------- d-----w- C:\Users\Flore\AppData\Roaming\Dropbox 2014-06-20 11:45:08 -------- d-----w- C:\Users\Flore\AppData\Roaming\QuickScan 2014-06-20 09:46:45 -------- d-sh--w- C:\Users\Flore\AppData\Locallow\EmieUserList 2014-06-20 08:52:54 -------- d-----w- C:\Users\Flore\AppData\Local\com 2014-06-20 08:52:47 -------- d-sh--w- C:\Users\Flore\AppData\Local\EmieUserList 2014-06-20 08:52:47 -------- d-sh--w- C:\Users\Flore\AppData\Local\EmieSiteList 2014-06-17 07:50:49 -------- d-sh--w- C:\Users\Flore\AppData\Locallow\EmieSiteList 2014-06-15 17:08:30 -------- d-----w- C:\Users\Flore\AppData\Local\MetaGeek,_LLC 2014-06-09 16:08:25 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Locallow\Sun 2014-06-09 16:07:50 -------- d-----w- C:\Users\Flore\AppData\Roaming\Oracle ====== C:\Users\Flore ====== 2014-07-08 09:55:06 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Flore\Downloads\RSITx64.exe 2014-07-05 15:01:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast 2014-07-05 14:54:18 4AF4D1D156DF61FC7364D1193862A068 4862664 ----a-w- C:\Users\Flore\Downloads\avast_free_antivirus_setup_online.exe 2014-07-04 21:55:38 EF65B69EDA22962698904A48B30498BE 779704 ----a-w- C:\Users\Flore\Downloads\Setup.exe 2014-07-04 21:26:39 436372F287FD2DB452832F4DB7139FB7 185424 ----a-w- C:\Users\Flore\Downloads\kss12.0.1.117abRU_EN_DE_FR_ES_IT_JA_PT_ZH_4296.exe 2014-07-04 20:26:43 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2014-07-04 20:25:03 DF463B4C69C1531D1DA7DA3E30E7F8B5 24677393 ----a-w- C:\Users\Flore\Downloads\vlc-2.1.3-win32.exe 2014-06-20 11:48:20 -------- d-----w- C:\ProgramData\F-Secure 2014-06-20 10:18:54 -------- d-----w- C:\ProgramData\Sony 2014-06-20 08:43:18 075B0DA82E23780FA2DD7F2EA0464FD4 258 --sha-r- C:\ProgramData\ntuser.pol 2014-06-19 16:05:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-06-18 08:54:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID 2014-06-18 08:43:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB2.0 Card Reader Software 2014-06-15 17:07:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek 2014-06-15 09:29:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-06-15 09:28:40 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 ====== C: exe-files == 2014-07-08 09:55:24 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Flore.exe 2014-07-08 09:55:06 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Flore\Downloads\RSITx64.exe 2014-07-05 14:58:21 B46B41CE922CE5B7B055A28226DE2D79 307344 ----a-w- C:\Windows\System32\aswBoot.exe 2014-07-05 14:54:18 4AF4D1D156DF61FC7364D1193862A068 4862664 ----a-w- C:\Users\Flore\Downloads\avast_free_antivirus_setup_online.exe 2014-07-04 21:55:38 EF65B69EDA22962698904A48B30498BE 779704 ----a-w- C:\Users\Flore\Downloads\Setup.exe 2014-07-04 21:26:39 436372F287FD2DB452832F4DB7139FB7 185424 ----a-w- C:\Users\Flore\Downloads\kss12.0.1.117abRU_EN_DE_FR_ES_IT_JA_PT_ZH_4296.exe 2014-07-04 20:26:46 C7381EEC1332559C3582B40A41221904 233566 ----a-w- C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe 2014-07-04 20:25:03 DF463B4C69C1531D1DA7DA3E30E7F8B5 24677393 ----a-w- C:\Users\Flore\Downloads\vlc-2.1.3-win32.exe === C: other files == 2014-07-05 14:58:27 B8FDEDE963B82CFD23B3A53A3084666D 1041168 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2014-07-05 14:58:27 48DED912CDE54FC0923B9858512366E1 92008 ----a-w- C:\Windows\System32\drivers\aswStm.sys 2014-07-05 14:58:27 471A311745848B80339436688A8286E6 224896 ----a-w- C:\Windows\System32\drivers\aswVmm.sys 2014-07-05 14:58:26 FF1E537A3632CBB9A0BF72B9FD0878D5 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2014-07-05 14:58:26 D95E64416A4A3ED6986E0F474DA934BD 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys 2014-07-05 14:58:26 645D97385F3F284FB5604F9B970F4D24 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys 2014-07-05 14:58:26 0DEDC041DF594AEC2C3BD00417CFAF60 427360 ----a-w- C:\Windows\System32\drivers\aswsp.sys 2014-07-05 14:58:25 A5757DE5F9C83AB40667A53D5126EA40 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-818228490-3543105937-2819727540-1000\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "ISBMgr.exe"="C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" "PMBVolumeWatcher"="C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "ConnectionCenter"="C:\Program Files (x86)\Citrix\ICA Client\concentr.exe /startup" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "Apoint"="%ProgramFiles%\Apoint\Apoint.exe " ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EADM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EADM" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Origin\\Origin.exe\" -AutoStart" ==== Startup Folders ====================== 2009-12-25 21:49:38 834 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk 2012-02-24 14:28:33 2653 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [07/07/2014 19:25] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24/01/2010 04:49] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24/01/2010 04:49] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\USER_ESRV_SVC" ["C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{0E626F3C-8A24-4FFB-84FD-07195C3D7244}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{719B40EA-FB73-4609-9493-C971744BBBBA}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{188D26AC-5AC0-4E68-9333-8FE504AE25DA}" [C:\Program Files (x86)\Ion Audio\EZ Vinyl Tape Converter\EZAudioConverter.exe] "C:\Windows\SysNative\tasks\{60E2CB50-BDF7-41CC-9B8B-2C113B696DF2}" [C:\Program Files (x86)\Jojo's Fashion Show - World Tour\drdmrzs.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\SONY\SUS-BCF\Level4Daily" [C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe] "C:\Windows\SysNative\tasks\SONY\SUS-BCF\Level4Month" [C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe] "C:\Windows\SysNative\tasks\SONY\VAIO Gate\VAIO Gate" [C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe] "C:\Windows\SysNative\tasks\SONY\VAIO Power Management\VPM Logon Start" [C:\Program Files\Sony\VAIO Power Management\SPMgr.exe] "C:\Windows\SysNative\tasks\SONY\VAIO Power Management\VPM Session Change" [C:\Program Files\Sony\VAIO Power Management\SPMgr.exe] "C:\Windows\SysNative\tasks\SONY\VAIO Power Management\VPM Unlock" [C:\Program Files\Sony\VAIO Power Management\SPMgr.exe] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\CheckSystemInfo" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\DeployCRMflag" ["%ProgramFiles%\Sony\VAIO Care\DeployCRMflag.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\GetPOTInfo" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\UpdateSolution" ["%ProgramFiles%\Sony\VAIO Care\Solution.Updater.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\UploadPOT" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VAIO Care" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VCCheckIolo" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VCMetrics" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VCOneClick" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VCRLog" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VCSelfHeal" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Update\VAIO Update" ["C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair" [C:\Program Files\Sony\VAIO Update\VUSR.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [05/07/2014 16:58] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Flore\AppData\Roaming\Mozilla\Firefox\Profiles\7d1qzl9g.default 546A28FBC44B984FD92530227BF6F5C2 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll - Shockwave for Director / Shockwave for Director FC5866F7793AF2CBCD425CC4B8D32A9E - C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll - Zylom Plugin ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[05/07/2014 16:57] Google Docs - Flore\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Flore\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf Google Voice Search Hotword (Beta) - Flore\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn YouTube - Flore\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Flore\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf ICE Quick Stream - Flore\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpioikmjnfipgphjldakcaocbbpnfabl Google Wallet - Flore\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Bitdefender QuickScan - Flore\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie Gmail - Flore\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://nl.msn.com/?ocid=U218DHP&pc=U218" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://nl.msn.com/?ocid=U218DHP&pc=U218" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{006ee092-9658-4fd6-bd8e-a21a348e59f5}" {006ee092-9658-4fd6-bd8e-a21a348e59f5} Bing Url="http://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: vpngui.exe.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx O17 - HKLM\System\CCS\Services\Tcpip\..\{6DD0B22D-C026-4940-9700-1362E8BA5673}: NameServer = 192.168.1.1 O18 - Protocol: avgsecuritytoolbar - (no CLSID) - (no file) O18 - Protocol: dssrequest - (no CLSID) - (no file) O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: sacore - (no CLSID) - (no file) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Energy Server Service (ESRV_SVC) - Intel Corporation - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Intel(R) System Behavior Tracker Collector Service (SampleCollector) - Intel Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe O23 - Service: VAIO Media plus Database Manager (SOHDBSvr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe O23 - Service: VAIO Media plus Playlist Manager (SOHPlMgr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: User Energy Server Service (USER_ESRV_SVC) - Intel Corporation - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\vuagent.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Flore\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Flore\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5Y9SX6QY will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Flore\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=280 folders=139 111918414 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Flore\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Flore\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Flore\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5Y9SX6QY" not found ==== EOF on di 08/07/2014 at 15:46:03,61 ======================