Zoek.exe v5.0.0.0 Updated 19-10-2014 Tool run by Judith on di 21-10-2014 at 22:05:20,49. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Judith\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 21-10-2014 22:15:21 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\Cooking Dash deleted successfully C:\Program Files\Fotoservice deleted successfully C:\Program Files\HitmanPro deleted successfully C:\Program Files\iWin.com deleted successfully C:\Program Files\Micro Application deleted successfully C:\Program Files\MSN Games deleted successfully C:\Program Files\MSXML 4.0 deleted successfully C:\Program Files\Norton Security Scan deleted successfully C:\Program Files\NOS deleted successfully C:\Program Files\Sandlot Games deleted successfully C:\Program Files\Symantec deleted successfully C:\PROGRA~2\Babylon deleted successfully C:\PROGRA~2\Big Fish Games deleted successfully C:\PROGRA~2\HitmanPro deleted successfully C:\PROGRA~2\NOS deleted successfully C:\PROGRA~2\PCSettings deleted successfully C:\PROGRA~2\VAIO Media Platform deleted successfully C:\PROGRA~2\WinZip deleted successfully C:\PROGRA~2\ZoomBrowser deleted successfully C:\Users\Judith\AppData\Roaming\.# deleted successfully C:\Users\Judith\AppData\Roaming\DendaGames deleted successfully C:\Users\Judith\AppData\Roaming\ZoomBrowser EX deleted successfully C:\Users\Judith\AppData\Local\{74428FB8-7944-4278-87D3-BFA86F910384} deleted successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\CrashDumps deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-267216889-655234393-2014131820-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8CA5ED52-F3FB-4414-A105-2E3491156990} deleted successfully HKEY_USERS\S-1-5-21-267216889-655234393-2014131820-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8CA5ED52-F3FB-4414-A105-2E3491156990} deleted successfully HKEY_CLASSES_ROOT\CLSID\{8CA5ED52-F3FB-4414-A105-2E3491156990} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8CA5ED52-F3FB-4414-A105-2E3491156990} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\SLsvc.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe C:\Program Files\Norton Internet Security\Engine\21.6.0.32\NIS.exe C:\Program Files\Online Games Manager\ogmservice.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Program Files\sony\VAIO Event Service\VESMgr.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\System32\WUDFHost.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe C:\Windows\system32\igfxext.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\taskeng.exe C:\Program Files\Norton Internet Security\Engine\21.6.0.32\NIS.exe C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Apoint\Apntex.exe C:\Windows\system32\conime.exe C:\Users\Judith\AppData\Local\Google\Update\1.3.25.5\GoogleCrashHandler.exe C:\Users\Judith\Downloads\zoek.exe C:\Users\Judith\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Judith\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Judith\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Boonty Games deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Boonty Games deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8CA5ED52-F3FB-4414-A105-2E3491156990}] ==== Deleting Files \ Folders ====================== C:\Program Files\iWin Games deleted C:\Program Files\Common Files\BOONTY Shared deleted C:\Program Files\Java deleted C:\Users\Judith\AppData\Roaming\BabylonToolbar deleted C:\Users\Judith\AppData\Roaming\Babylon deleted C:\Users\Judith\AppData\Roaming\YoudaGames deleted C:\Users\Judith\AppData\Roaming\iWin deleted C:\Users\Judith\AppData\Roaming\Registry Mechanic deleted C:\PROGRA~2\SMRResults430.dat deleted C:\PROGRA~2\iWin deleted C:\PROGRA~2\Trymedia deleted C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager deleted C:\Users\Judith\Downloads\avg_free_stb_all_2013_2742_cnet.exe deleted C:\Windows\system32\tasks\RunAsStdUser Task deleted C:\Windows\system32\roboot.exe deleted C:\Windows\system32\GroupPolicy\Machine deleted C:\Windows\system32\GroupPolicy\User deleted C:\Windows\system32\GroupPolicy\gpt.ini deleted "C:\Windows\Installer\4c0a927.msi" deleted "C:\Windows\Installer\4c0a927.msi" deleted ==== System Specs ====================== Windows: Windows Vista Home Premium Edition Service Pack 2 (Build 6002) Memory (RAM): 1014 MB CPU Info: Intel(R) Core(TM)2 CPU T5300 @ 1.73GHz CPU Speed: 1744,0 MHz Sound Card: luidspreker/Hoofdtelefoon (Real | Display Adapters: Mobile Intel(R) 945GM Express Chipset Family | Mobile Intel(R) 945GM Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1280 X 800 - 32 bit Network: Network Present Network Adapters: LAN-Express AS IEEE 802.11g PCI-E Adapter | Marvell Yukon 88E8036 PCI-E Fast Ethernet Controller CD / DVD Drives: 1x (F: | ) F: QSI DVD-RAM SDW-086 Ports: COM3 LPT Port NOT Present. Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 102,5GB Hard Disks - Free: C: 17,2GB Manufacturer *: Phoenix Technologies LTD BIOS Info: AT/AT COMPATIBLE | 02/08/07 | Sony - 20070208 Time Zone: West-Europa (standaardtijd) Motherboard *: Sony Corporation VAIO Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Norton Internet Security On-access scanning disabled (Outdated) Anti-Spyware: Norton Internet Security disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Firewall: Norton Internet Security disabled Default Browser: Google Chrome 38.0.2125.104 Internet Explorer Version: 9.0.8112.16421 Google Chrome version: 38.0.2125.104 Adobe Reader version: 10.1.12.15 Shockwave Player version: 12.0r112 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Judith\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\system32 ===== 2014-10-21 19:57:48 742BD1F196FEFC94A6379BA039D3CD00 96680 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll 2014-10-17 18:07:07 842DE20A6487D830A458DDB5E0363F13 156824 ----a-w- C:\Windows\System32\mscorier.dll 2014-10-17 18:07:07 653DFC2662680AB61232E1531147558A 81560 ----a-w- C:\Windows\System32\mscories.dll 2014-10-17 18:07:04 8580484193CE0A0788830FBAB97CF13B 1131664 ----a-w- C:\Windows\System32\dfshim.dll 2014-10-17 17:31:05 69EEF0917300F377BC056FFF9C861649 2054656 ----a-w- C:\Windows\System32\win32k.sys 2014-10-16 05:22:59 E8B3EE6038623D549264AE37BD3E0209 41472 ----a-w- C:\Windows\System32\msfeedsbs.dll 2014-10-16 05:22:59 E5C50FC8B9EDF1530EF230A687A5EB0B 421376 ----a-w- C:\Windows\System32\vbscript.dll 2014-10-16 05:22:59 90634CE0C5601BF19E93076052D2A3D6 10752 ----a-w- C:\Windows\System32\msfeedssync.exe 2014-10-16 05:22:59 89FACA9614F1C949106106BEB23D1EC0 353792 ----a-w- C:\Windows\System32\dxtmsft.dll 2014-10-16 05:22:59 29B990A63A3448A2AAC5FB9A441C8AF0 65536 ----a-w- C:\Windows\System32\jsproxy.dll 2014-10-16 05:22:59 1524E24AC57E375F3C42481A9ACEE038 1138688 ----a-w- C:\Windows\System32\urlmon.dll 2014-10-16 05:22:59 09192845BF15D30A86E8AD012F232AEC 11776 ----a-w- C:\Windows\System32\mshta.exe 2014-10-16 05:22:57 D93F3F1134C9CBC81D6F7D470A29E557 607744 ----a-w- C:\Windows\System32\msfeeds.dll 2014-10-16 05:22:56 10B238C056068548211288D5DCC109DD 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2014-10-16 05:22:55 A6F7BBEFFD204C45BD732A261A52EED4 231936 ----a-w- C:\Windows\System32\url.dll 2014-10-16 05:22:55 77742DDD19DB7503EEBF0A4A5A0AD6B1 1802752 ----a-w- C:\Windows\System32\iertutil.dll 2014-10-16 05:22:55 4037D4729F978F9677B4BD8E2D855BD7 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl 2014-10-16 05:22:55 12486BDE40B31322A239D150C595BAF4 142848 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-10-16 05:22:54 8163D88337C067C8B75BA80BEBC0B0CD 9739776 ----a-w- C:\Windows\System32\ieframe.dll 2014-10-16 05:22:54 3252D4791357FEE6C2BAF0619C041317 1129472 ----a-w- C:\Windows\System32\wininet.dll 2014-10-16 05:22:52 EE05498252DED63A6998C2629FFEFB89 223232 ----a-w- C:\Windows\System32\dxtrans.dll 2014-10-16 05:22:52 9B2FD5A84AA985B0393E0BF33391F4EF 73216 ----a-w- C:\Windows\System32\mshtmled.dll 2014-10-16 05:22:52 5B170AD076338C48CDC77ABA487DD6FC 176640 ----a-w- C:\Windows\System32\ieui.dll 2014-10-16 05:22:51 7F2188097B1D46554A7D1A31C787C978 717824 ----a-w- C:\Windows\System32\jscript.dll 2014-10-16 05:22:48 3E7834CD2A543D58443BBE38FD74E8EB 12364288 ----a-w- C:\Windows\System32\mshtml.dll 2014-10-16 05:22:47 1DDFA163F4FA305DE1F81CD80DE53F87 1810432 ----a-w- C:\Windows\System32\jscript9.dll 2014-10-15 21:54:18 1EB8CA23B805D3F8DBDAC8CAE7979B8B 66560 ----a-w- C:\Windows\System32\packager.dll ====== C:\Windows\system32\drivers ===== 2014-10-15 22:09:46 4E404505B3F62ECFBDBCBBCF0A72DBC5 143360 ----a-w- C:\Windows\System32\drivers\fastfat.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-10-21 19:58:49 -------- d-----w- C:\Program Files\Common Files\Java 2014-10-20 17:54:39 -------- d-----w- C:\Program Files\trend micro 2014-10-13 11:34:01 -------- d-----w- C:\Program Files\Common Files\Skype 2014-10-13 11:34:01 -------- d-----r- C:\Program Files\Skype ======= C: ===== ====== C:\Users\Judith\AppData\Roaming ====== 2014-09-24 10:26:02 -------- d-----w- C:\Users\Judith\AppData\Roaming\aliasworlds ====== C:\Users\Judith ====== 2014-10-21 19:56:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-10-21 19:15:12 3A582BF6FD39DC6A52AAF316126B40BA 638888 ----a-w- C:\Users\Judith\Downloads\chromeinstall-8u25 (1).exe 2014-10-21 19:09:47 3A582BF6FD39DC6A52AAF316126B40BA 638888 ----a-w- C:\Users\Judith\Downloads\chromeinstall-8u25.exe 2014-10-20 17:51:36 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Judith\Downloads\RSIT.exe 2014-10-18 11:02:42 F51832F87131D81F1268A0A42C4C9991 800032 ----a-w- C:\Users\Judith\Downloads\Chocolatier_Decadence_by_Design_Download{417028}.exe 2014-10-15 17:42:20 035E8BC9483AE4186CBEECFCA76B0032 3078800 ----a-w- C:\Users\Judith\Downloads\NPE (2).exe 2014-10-15 17:42:16 035E8BC9483AE4186CBEECFCA76B0032 3078800 ------w- C:\Users\Judith\Downloads\NPE (1).exe 2014-10-15 17:09:19 0713590CECDE70F6ED2AC950316BDDBE 413363032 ----a-w- C:\Users\Judith\Downloads\20141014-025-v5i32.exe 2014-10-13 11:34:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-10-05 22:17:01 483A6964684290F0A9DD8957A36DC050 27561 ----a-w- C:\Users\Judith\CV.pdf ====== C: exe-files == 2014-10-18 11:11:35 616D676F98EB86E5FC5CFC00E448CB68 38182560 ----a-w- C:\Boonty\Games\ranchrush{371161}.exe 2014-10-18 11:06:37 5F9662AA9C2C94A380DE1653E5A468EC 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-267216889-655234393-2014131820-1003\$I6MMLD3.exe 2014-10-18 11:06:22 2617C12BD04AF3E4DFE35A62A3A11FC1 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-267216889-655234393-2014131820-1003\$IJ1H4RT.exe 2014-10-18 11:06:17 4B3C41608B828C9E8A3B1D873974A70B 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-267216889-655234393-2014131820-1003\$I62KI2L.exe 2014-10-18 11:06:17 299C206AD57A1C26746D094026FF73AC 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-267216889-655234393-2014131820-1003\$I095YCN.exe 2014-10-18 11:06:12 472D8F3C05B5DA30466209C502BFEAC7 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-267216889-655234393-2014131820-1003\$IPJ16TP.exe 2014-10-18 11:06:12 38738DBD34F86142A73756E2AA17A7FC 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-267216889-655234393-2014131820-1003\$IKIS3NM.exe 2014-10-18 11:06:04 A343125B8335EE0EFD85CCABA10C141E 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-267216889-655234393-2014131820-1003\$I9JHFIY.exe 2014-10-18 11:06:04 96107BA92BC69968A40F441591698138 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-267216889-655234393-2014131820-1003\$IX7B0U6.exe 2014-10-18 11:06:04 507432C7C640B52C56FC041DD82DCF51 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-267216889-655234393-2014131820-1003\$I9CVQYP.exe 2014-10-18 11:05:25 CC87EE3900CD783D01A89344E0973F96 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-267216889-655234393-2014131820-1003\$ID85TMR.exe 2014-10-18 11:05:18 B0D5DADD99916910B421AFA29F70ED8E 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-267216889-655234393-2014131820-1003\$I8WA2UE.exe 2014-10-18 11:05:13 8FE7826D340C6DB01B401E3CF4C51208 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-267216889-655234393-2014131820-1003\$I3KL3OP.exe 2014-10-18 11:04:40 0550967B5C88FFD93C2181EF8AEA7344 29589568 ----a-w- C:\Boonty\Games\chocolatierdecadencebydesign{417028}.exe 2014-10-18 10:40:34 7CA1457B50D464F319ACEA40A2D649FC 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-267216889-655234393-2014131820-1003\$IMB3Y2A.exe 2014-10-18 10:40:25 9563C457493C32F8D4E04BBFC2482EC5 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-267216889-655234393-2014131820-1003\$I9SN0I4.exe 2014-10-18 10:39:56 1AC55DFCDAD5F3FC8881AEFB63931204 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-267216889-655234393-2014131820-1003\$IR4SZL4.exe 2014-10-18 10:39:48 6F856F11F3DC9C62118154BD9202A3F1 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-267216889-655234393-2014131820-1003\$IUK84C3.exe 2014-10-17 19:53:21 9ACE1B25C8E1FA117B85C3B3B07E79B9 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-267216889-655234393-2014131820-1003\$I0T2CN7.exe 2014-10-16 17:47:24 5BA10F796A0C2A76E5F633E40C6A94AE 58770176 ----a-w- C:\Boonty\Games\rescueteam3{1259494}.exe 2014-10-16 16:46:12 F51832F87131D81F1268A0A42C4C9991 800032 ----a-w- C:\$Recycle.Bin\S-1-5-21-267216889-655234393-2014131820-1003\$R0T2CN7.exe 2014-10-16 16:39:33 F51832F87131D81F1268A0A42C4C9991 800032 ----a-w- C:\$Recycle.Bin\S-1-5-21-267216889-655234393-2014131820-1003\$RUK84C3.exe 2014-10-15 21:17:05 F51832F87131D81F1268A0A42C4C9991 800032 ----a-w- C:\$Recycle.Bin\S-1-5-21-267216889-655234393-2014131820-1003\$RMB3Y2A.exe 2014-10-15 21:04:47 F51832F87131D81F1268A0A42C4C9991 800032 ----a-w- C:\$Recycle.Bin\S-1-5-21-267216889-655234393-2014131820-1003\$RR4SZL4.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-267216889-655234393-2014131820-1003\Software\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" "Google Update"="C:\Users\Judith\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" "Apoint"="C:\Program Files\Apoint\Apoint.exe" "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe /startup" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" "Google Update"="C:\Users\Judith\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~1\\Google\\GOOGLE~4\\GOEC62~1.DLL" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" "hkey"="HKCU" "command"="C:\\Program Files\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesHelper" "hkey"="HKCU" "command"="C:\\Program Files\\Samsung\\Kies\\KiesHelper.exe /s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPDLR] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesPDLR" "hkey"="HKCU" "command"="C:\\Program Files\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPreload] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesPreload" "hkey"="HKCU" "command"="C:\\Program Files\\Samsung\\Kies\\Kies.exe /preload" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesTrayAgent" "hkey"="HKLM" "command"="C:\\Program Files\\Samsung\\Kies\\KiesTrayAgent.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Defender] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Windows Defender" "hkey"="HKLM" "command"="%ProgramFiles%\\Windows Defender\\MSASCui.exe -hide" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Browser Manager] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\iWinTrusted] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "Google Update"="\"C:\\Users\\Judith\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "ISBMgr.exe"="\"C:\\Program Files\\Sony\\ISB Utility\\ISBMgr.exe\"" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [25-09-2014 23:26] C:\Windows\tasks\GoogleUpdateTaskMachineCore1cec798cddd2630.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [20-10-2014 18:45] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ :C:\Program Files\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-267216889-655234393-2014131820-1003Core.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-267216889-655234393-2014131820-1003UA.job --a------ C:\Users\Judith\AppData\LoC:al\Google\Update\GoogleUpdate.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\Google Updater and Installer" [C:\Users\Judith\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore1cec798cddd2630" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-267216889-655234393-2014131820-1003Core" [C:\Users\Judith\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-267216889-655234393-2014131820-1003UA" [C:\Users\Judith\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\LaunchMCV" [DeleteLauncher.vbs] "C:\Windows\system32\tasks\MCVSurveyReminder1" [DeleteReminders.vbs] "C:\Windows\system32\tasks\MCVSurveyReminder2" [DeleteReminders.vbs] "C:\Windows\system32\tasks\MCVSurveyReminder3" [DeleteReminders.vbs] "C:\Windows\system32\tasks\MCVSurveyReminder4" [DeleteReminders.vbs] "C:\Windows\system32\tasks\Norton WSC Integration" ["C:\Program Files\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe"] "C:\Windows\system32\tasks\Start Registry Reviver" [C:\Program Files\Reviversoft\Registry Reviver\RegistryReviver.exe] "C:\Windows\system32\tasks\Vista Task Low" [C:\Program Files\RealArcade\RealArcade.exe] "C:\Windows\system32\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files\Norton Internet Security\Engine\21.6.0.32\SymErr.exe] "C:\Windows\system32\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files\Norton Internet Security\Engine\21.6.0.32\SymErr.exe] "C:\Windows\system32\tasks\SONY\WSSU\WSSU" [C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF" [20-11-2013 10:29] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{b64982b1-d112-42b5-b1e4-d3867c4533f8}"="C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension" [] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions iikflkcanblccfahdhdonehdalibjnif - No path found[] mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx[20-09-2014 10:52] pgafcinpmmpklohkojmllohdhomoefph - C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx[] YouTube - Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Norton Security Toolbar - Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Google Wallet - Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage deleted successfully C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal deleted successfully C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsfreak.com_0.localstorage deleted successfully C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsfreak.com_0.localstorage-journal deleted successfully C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_superdeals.leaseplan.nl_0.localstorage deleted successfully C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_superdeals.leaseplan.nl_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.nl" "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com/ie" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://home.myplaycity.com/" "Default_Page_URL"="http://www.club-vaio.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://www.google.com/search/?q=%s" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.google.nl" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{17C90860-79DC-480D-A636-EA3B15A11742}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {17C90860-79DC-480D-A636-EA3B15A11742} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_nl" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rlz=1I7GGLL_nl&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7" {70D46D94-BF1E-45ED-B567-48701376298E} Google Desktop Url="http://127.0.0.1:4664/search&s=aobjc4AQVgvnu80RbNG8DykdFwA?q={searchTerms}" {afdbddaa-5d3f-42ee-b79c-185a7020515b} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-267216889-655234393-2014131820-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_USERS\S-1-5-21-267216889-655234393-2014131820-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_USERS\S-1-5-21-267216889-655234393-2014131820-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully HKEY_USERS\S-1-5-21-267216889-655234393-2014131820-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully HKEY_USERS\S-1-5-21-267216889-655234393-2014131820-1003\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_CLASSES_ROOT\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-267216889-655234393-2014131820-1003\Software\Mozilla\Firefox\Extensions\{b64982b1-d112-42b5-b1e4-d3867c4533f8} deleted successfully HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper deleted successfully ==== HijackThis Entries ====================== O1 - Hosts: ::1 localhost O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Judith\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\21.6.0.32\NIS.exe O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files\Online Games Manager\ogmservice.exe O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\UCLS.exe O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Judith\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Judith\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Judith\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Judith\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1081 folders=106 253514691 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Judith\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Judith\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Judith\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found ==== EOF on di 21-10-2014 at 23:03:14,49 ======================