Zoek.exe v5.0.0.0 Updated 04-November-2014 Tool run by stefanie on di 04/11/2014 at 17:56:25,91. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\stefanie\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 4/11/2014 18:00:25 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Fotoalbum deleted successfully C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\rkfree deleted successfully C:\PROGRA~2\COMMON~1\XCPCSync.OEM deleted successfully C:\Users\stefanie\AppData\Roaming\FK_Monitor deleted successfully C:\Users\stefanie\AppData\Roaming\Malwarebytes deleted successfully C:\Users\stefanie\AppData\Roaming\Solvusoft deleted successfully C:\Users\stefanie\AppData\Roaming\TP deleted successfully C:\Users\stefanie\AppData\Roaming\Windows Live Writer deleted successfully C:\Users\stefanie\AppData\Local\cache deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1159067749-3342026126-2323833470-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_USERS\S-1-5-21-1159067749-3342026126-2323833470-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_USERS\S-1-5-21-1159067749-3342026126-2323833470-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_USERS\S-1-5-21-1159067749-3342026126-2323833470-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05b5ef3f-4c6a-426e-b77e-48ebb3e721f1} deleted 
successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully ==== Running Processes ====================== C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Windows\SysWOW64\DllHost.exe C:\Windows\SysWOW64\DllHost.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Users\stefanie\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe C:\Program Files 
(x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files\AVAST Software\Avast\avastui.exe C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Framed Display\bin\utilFramedDisplay.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\ProgramData\ecbaef90-5696-41e1-a1c3-3e8112ce2840\maintainer.exe C:\Program Files (x86)\Framed Display\bin\FramedDisplay.BrowserAdapter.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files\Sony\VAIO Care\VCService.exe C:\Program Files (x86)\Framed Display\updateFramedDisplay.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe C:\Program Files\Sony\VAIO Care\listener.exe C:\Users\stefanie\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update Framed Display deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update Framed Display deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update Framed Display deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update Framed Display deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util Framed Display deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util Framed 
Display deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util Framed Display deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util Framed Display deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\cnnl7whq.default user.js not found ---- Lines Framed Display removed from prefs.js ---- user_pref("extensions.Framed Display.asul", "1413833092337"); user_pref("extensions.Framed Display.irl", true); user_pref("extensions.Framed Display.is", "isgiwhBE"); user_pref("extensions.Framed Display.ug", "E6B9EBB8-D71D-412B-8456-789BC050FED7"); ---- FireFox user.js and prefs.js backups ---- prefs_20140411_1819_.backup ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05b5ef3f-4c6a-426e-b77e-48ebb3e721f1}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] ==== Batch Command(s) Run By Tool====================== C:\Windows\system32\appdata deleted ==== Deleting Files \ Folders ====================== C:\Users\stefanie\AppData\Roaming\Solvusoft not found C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 deleted C:\Users\stefanie\AppData\Roaming\0C1I1L1R1J0C1F1G1G1P1R2Z deleted C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 deleted C:\Users\stefanie\.android deleted C:\PROGRA~2\Wondershare deleted C:\PROGRA~2\COMMON~1\Wondershare deleted C:\extensions.sqlite deleted C:\Users\stefanie\AppData\Roaming\WB.CFG deleted C:\PROGRA~3\boost_interprocess deleted C:\Users\stefanie\AppData\Local\Wondershare deleted C:\Users\stefanie\AppData\Local\CrashRpt deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted 
C:\Windows\SysNative\roboot64.exe deleted C:\Users\stefanie\AppData\LocalLow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com deleted C:\windows\SysNative\drivers\{2859046f-5dca-482a-8c2d-37943d33a392}Gw64.sys deleted C:\windows\SysNative\drivers\{29302da5-1178-40ac-a178-4cb57ebcc501}Gw64.sys deleted C:\windows\SysNative\drivers\{6db7eb66-a30b-41a3-809c-addb2341dafb}Gw64.sys deleted C:\windows\SysNative\drivers\{7012eec1-4f37-42d4-a2cd-26727494d248}Gw64.sys deleted C:\windows\SysNative\drivers\{a6762132-8e80-4305-b1ba-2bec91757ac2}Gw64.sys deleted C:\windows\SysNative\drivers\{dda91daf-e6f8-4453-88d1-df18d861c904}Gw64.sys deleted C:\windows\SysNative\GroupPolicy\machine deleted C:\windows\SysNative\GroupPolicy\gpt.ini deleted C:\Users\Public\Desktop\Flvto Youtube Downloader.lnk deleted "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" deleted "C:\Program Files (x86)\Framed Display\updateFramedDisplay.exe" deleted "C:\PROGRA~2\Framed Display\updateFramedDisplay.exe" deleted "C:\Program Files (x86)\Framed Display\bin\FramedDisplay.PurBrowse64.exe" deleted "C:\Program Files (x86)\Framed Display\bin\utilFramedDisplay.exe" deleted "C:\PROGRA~2\Framed Display\bin\FramedDisplay.PurBrowse64.exe" deleted "C:\PROGRA~2\Framed Display\bin\utilFramedDisplay.exe" deleted "C:\Program Files (x86)\Microsoft\BingBar" not deleted "C:\Program Files (x86)\Framed Display" not deleted "C:\PROGRA~2\Framed Display" not deleted "C:\Program Files (x86)\Framed Display\bin" not deleted "C:\PROGRA~2\Framed Display\bin" not deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 4078 MB CPU Info: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz CPU Speed: 2314,4 MHz Sound Card: Speaker/HP (Conexant SmartAudio | Display Adapters: NVIDIA GeForce 410M | NVIDIA GeForce 410M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 
768 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Atheros AR9285 Wireless Network Adapter | Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (D: | ) D: TSSTcorpCDDVDW SN-208BB Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 2 Button Wheel Mouse Present Hard Disks: C: 226,3GB | F: 224,2GB | Q: 0,0MB Hard Disks - Free: C: 138,8GB | F: 220,4GB | Q: 0,0MB Manufacturer *: INSYDE BIOS Info: AT/AT COMPATIBLE | 11/17/11 | Sony - 20111117 Time Zone: Romance (standaardtijd) Motherboard *: Sony Corporation VAIO Country: België Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Emsisoft Anti-Malware On-access scanning disabled (Outdated) Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Emsisoft Anti-Malware disabled (Outdated) Anti-Spyware: avast! Antivirus disabled (Outdated) Default Browser: Firefox 33.0.2 Internet Explorer Version: 11.0.9600.17358 Mozilla Firefox version: 33.0.2 (x86 nl) Adobe Reader version: 10.1.12.15 Sun Java version: 1.8.0_25 (32-bit) Sun Java version: 1.8.0_25 (64-bit) Flash Player version: 15.0.0.189 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\stefanie\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-11-03 09:54:51 392CA297C69847FA2EB66BFD2E54C0F1 437336 ----a-w- 
C:\Windows\Sysnative\FNTCACHE.DAT ====== C:\Windows\Sysnative\drivers ===== 2014-10-15 04:22:41 946010CDFA91469351B22E2620CEBCD8 663552 ----a-w- C:\Windows\Sysnative\drivers\PEAuth.sys 2014-10-15 04:22:27 80B9412C4DE09147581FC935FB4C97AB 61440 ----a-w- C:\Windows\Sysnative\drivers\appid.sys 2014-10-15 04:20:22 FE571E088C2D83619D2D48D4E961BF41 212480 ----a-w- C:\Windows\Sysnative\drivers\rdpwd.sys 2014-10-15 04:20:15 E232A3B43A894BB327FC161529BD9ED1 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-11-04 14:28:26 -------- d-----w- C:\Program Files\trend micro 2014-10-25 08:06:52 -------- d-----w- C:\Program Files\iPod 2014-10-25 08:06:50 -------- d-----w- C:\Program Files\iTunes ======= C:\PROGRA~2 ===== 2014-11-04 16:52:18 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2014-11-02 18:48:08 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service 2014-10-25 08:10:35 -------- d-----w- C:\PROGRA~2\QuickTime 2014-10-25 08:06:50 -------- d-----w- C:\PROGRA~2\iTunes 2014-10-20 19:23:27 -------- d-----w- C:\PROGRA~2\Framed Display ======= C: ===== ====== C:\Users\stefanie\AppData\Roaming ====== 2014-11-03 09:56:24 CE487F041542CACDA3705A72E05F82F5 117792 ----a-w- C:\Users\stefanie\AppData\Local\GDIPFONTCACHEV1.DAT 2014-11-03 08:52:45 212B5F594E23114B22CFB02DD37BC3D5 241936 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat 2014-11-03 08:07:34 8E30AE886AE1B88044BD0469944CF4D0 7603 ----a-w- C:\Users\stefanie\AppData\Local\Resmon.ResmonCfg 2014-10-15 04:07:36 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Mozilla 2014-10-15 04:07:36 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Mozilla 2014-10-15 04:07:29 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp 2014-10-15 04:06:02 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Adobe 
2014-10-15 04:05:42 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Atheros 2014-10-15 04:05:02 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Adobe 2014-10-15 04:05:02 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Temp 2014-10-15 04:05:01 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-10-15 04:04:56 -------- d-----r- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-10-15 04:04:56 -------- d-----r- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-10-15 04:04:39 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Identities 2014-10-13 07:45:27 -------- d-----w- C:\Users\stefanie\AppData\Local\Adobe ====== C:\Users\stefanie ====== 2014-11-04 16:49:09 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\stefanie\Downloads\jxpiinstall.exe 2014-11-04 14:28:02 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\stefanie\Downloads\RSITx64.exe 2014-11-03 19:23:38 F78940628EB76AB6E654C19EE33F2F89 24743106 ----a-w- C:\Users\stefanie\Downloads\vlc-2.1.5-win32(1).exe 2014-10-31 20:48:51 C7969516D87176867BD5AE772967006F 3894696 ----a-w- C:\Users\stefanie\Downloads\Reparatieprogramma-voor-Plugin-container.exe-WinThruster.exe 2014-10-29 23:24:18 F78940628EB76AB6E654C19EE33F2F89 24743106 ----a-w- C:\Users\stefanie\Downloads\vlc-2.1.5-win32.exe 2014-10-28 19:19:27 5943C25E20DFFC0801EE1E38DC9E3DDD 4991400 ----a-w- C:\Users\stefanie\Downloads\Shockwave_Installer_Slim.exe 2014-10-28 08:15:39 -------- d-----w- C:\ProgramData\ecbaef90-5696-41e1-a1c3-3e8112ce2840 2014-10-25 08:11:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2014-10-25 08:08:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\iTunes 2014-10-25 07:58:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2014-10-22 14:03:05 02C1EE40968BAA67C3A785CDA9807125 262 --sha-r- C:\ProgramData\ntuser.pol 2014-10-20 07:16:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-10-15 04:07:37 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Favorites 2014-10-15 04:07:37 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Desktop 2014-10-15 04:04:56 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Music 2014-10-15 04:04:56 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Downloads 2014-10-15 04:04:55 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Videos 2014-10-15 04:04:55 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Pictures 2014-10-15 04:04:55 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Favorites 2014-10-15 04:04:30 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Desktop ====== C: exe-files == 2014-11-04 17:21:53 BE478237125F179109E40A1F281C7553 114936 ----a-w- C:\Program Files (x86)\Framed Display\bin\FramedDisplay.BrowserAdapter64.exe 2014-11-04 17:21:53 9286575D6AC57634DE5BD2F38F8D6B4E 98552 ----a-w- C:\Program Files (x86)\Framed Display\bin\FramedDisplay.BrowserAdapter.exe 2014-11-04 16:51:38 AA3520FB0133A56BEE1DB34D74DBEF64 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2014-11-04 16:51:38 75D477E868CA51EC1B09D730570F322B 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2014-11-04 16:51:38 691D49FB44EDE9788288CABE4F7E0DAF 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2014-11-04 16:51:25 DC197DCE6325CBAC905DE0D0E3BA3E8E 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmid.exe 2014-11-04 16:51:25 67F763B09F4BC8689E6FA9761E068D74 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\unpack200.exe 2014-11-04 16:51:25 57E1F756FAA787623DFCD2C1B2AACC68 51112 ----a-w- C:\Program Files 
(x86)\Java\jre1.8.0_25\bin\ssvagent.exe 2014-11-04 16:51:25 33D2AF53E209DA3E2BA939EB89801DC0 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmiregistry.exe 2014-11-04 16:51:25 29E65AC6AFD8A0A9CAA361FF6F7B4886 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\servertool.exe 2014-11-04 16:51:25 28FC00F89631B0F6E1E9CA386FADD566 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\tnameserv.exe 2014-11-04 16:51:24 E3E6B18458FFB07CB24D7A0BA77C9FDF 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\pack200.exe 2014-11-04 16:51:24 A458E2535E46151690E53E2A03FAA711 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\keytool.exe 2014-11-04 16:51:24 9BFAEF308D50779F6B255CB7BA7DCA5A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\kinit.exe 2014-11-04 16:51:24 7AB1F1B3FB6C3DACA34EA2F988CDF5AC 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\orbd.exe 2014-11-04 16:51:24 75EE99C7F0038C746D82C76221ECA4EF 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\policytool.exe 2014-11-04 16:51:24 4367C05B0CF5553E71B34F51003D0615 76200 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2launcher.exe 2014-11-04 16:51:24 4109C4DB4BD48F5BF8115C7523A6B6F8 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\klist.exe 2014-11-04 16:51:24 26C7F32186B1F0364CD06EA69227A79D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ktab.exe 2014-11-04 16:51:23 B719E0F43166037DF46B5CFBE60A5118 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jjs.exe 2014-11-04 16:51:23 75D477E868CA51EC1B09D730570F322B 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe 2014-11-04 16:51:23 691D49FB44EDE9788288CABE4F7E0DAF 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaws.exe 2014-11-04 16:51:22 70E67429D2C011FD0419AF899A8D0D70 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe 2014-11-04 16:51:21 BB8C890E3E6372F2720709262BD42BF4 30632 ----a-w- C:\Program Files 
(x86)\Java\jre1.8.0_25\bin\jabswitch.exe 2014-11-04 16:51:21 AA3520FB0133A56BEE1DB34D74DBEF64 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java.exe 2014-11-04 16:51:21 74713E9C1B01B152DDD3A1A3519A3647 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java-rmi.exe 2014-11-04 16:49:09 44933ED144874569EB5A43B613CBE88A 638888 ----a-w- C:\Users\stefanie\Downloads\jxpiinstall.exe 2014-11-04 14:28:27 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\stefanie.exe 2014-11-04 14:28:02 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\stefanie\Downloads\RSITx64.exe 2014-11-03 19:23:38 F78940628EB76AB6E654C19EE33F2F89 24743106 ----a-w- C:\Users\stefanie\Downloads\vlc-2.1.5-win32(1).exe 2014-11-02 18:48:09 48ABF25208FB19E2E5764F892A21B723 103588 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe 2014-11-02 18:48:08 A5F6ADC56FA516594E99C328A7E7FD54 114288 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 2014-10-31 20:48:51 C7969516D87176867BD5AE772967006F 3894696 ----a-w- C:\Users\stefanie\Downloads\Reparatieprogramma-voor-Plugin-container.exe-WinThruster.exe 2014-10-29 23:24:18 F78940628EB76AB6E654C19EE33F2F89 24743106 ----a-w- C:\Users\stefanie\Downloads\vlc-2.1.5-win32.exe 2014-10-28 19:19:27 5943C25E20DFFC0801EE1E38DC9E3DDD 4991400 ----a-w- C:\Users\stefanie\Downloads\Shockwave_Installer_Slim.exe === C: other files == 2014-11-04 16:51:26 CE44A9D4918DCDC7CCCF5503BF4D7A3D 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\lib\deploy\ffjcext.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1159067749-3342026126-2323833470-1001\Software\Microsoft\Windows\CurrentVersion\Run] 
"SkyDrive"="C:\Users\stefanie\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background" "Elbserver"="C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe /Stay" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "ISBMgr.exe"="C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Registering MS MPEG4 ActiveX filter..."="C:\Windows\system32\regsvr32.exe /s C:\Windows\system32\mpg4ds32.ax" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SkyDrive"="C:\Users\stefanie\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background" "Elbserver"="C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe /Stay" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" ==== Startup Registry Enabled x64 ====================== 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "cAudioFilterAgent"="C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" "AtherosBtStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" "AthBtTray"="C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" "Apoint"="%ProgramFiles%\Apoint\Apoint.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VRLPHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="VRLPHelper" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Sony\\Media Gallery\\VRLPHelper.exe /Stay" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Wondershare Helper Compact.exe] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Wondershare Helper Compact.exe" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Common Files\\Wondershare\\Wondershare Helper Compact\\WSHelper.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WinDefend] ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20/03/2013 09:24] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20/03/2013 09:24] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] 
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{0B03EB33-269E-481C-90C7-3621A7F637C4}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\Windows\SysNative\tasks\SONY\VAIO Gate\StartExecuteProxy" ["%programfiles%\Sony\VAIO Gate\ExecutionProxy.exe"] "C:\Windows\SysNative\tasks\SONY\VAIO Gate\VAIO Gate" [C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe] "C:\Windows\SysNative\tasks\Sony Corporation\Sony Home Network Library\SOHLib TaskTray" [C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VAIO Care" ["%ProgramFiles%\Sony\VAIO Care\VCsystray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VCOneClick" ["%ProgramFiles%\Sony\VAIO Care\VCOneClick.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader" [C:\Program Files\Sony\VAIO Improvement\viuploader.exe] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation" [C:\Program Files\Sony\VAIO Improvement Validation\viv.exe] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Personalization Manager\VpmLM Task Music stefanie" [C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start" [C:\Program Files\Sony\VAIO Smart Network\VSNClient] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Update\VAIO Update 5" ["C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe"] ==== Firefox Extensions Registry 
====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [08/09/2014 15:54] ==== Firefox Extensions ====================== ProfilePath: C:\Users\stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\cnnl7whq.default - avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF - Undetermined - wrc@avast.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\cnnl7whq.default 63F8C13F269B10BC9363B007DAAACAE6 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll - Shockwave Flash 1919A4E982A86647F79ADD23B9AC3E11 - C:\Users\stefanie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player D2B5242013356AF422A42B9FAA4056C2 - C:\Users\stefanie\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin FD63DE29FE0A7E738BD81CA0EDDD8020 - C:\Users\stefanie\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[22/07/2014 08:27] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://vaioportal.sony.eu" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google 
Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {3F5DDB73-C158-4F21-8F84-8E183489B217} Zinio Url="http://services.zinio.com/search?s={searchTerms}&rf=sonyslices" {C19B24E8-0224-4CEB-A9F0-E9D9C3A045AD} eBay Url="http://rover.ebay.com/rover/1/1553-42507-16445-59/4?mpre=http://shop.benl.ebay.be/?oemInLn=ieSrch-Q311&_nkw={searchTerms}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll O2 - BHO: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [SkyDrive] "C:\Users\stefanie\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background O4 - HKCU\..\Run: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe /Stay O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: 
[mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: Download met MiPony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - 
C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Emsisoft Anti-Malware 8.0 - Service (a2AntiMalware) - Emsisoft GmbH - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Bing Bar Update Service (BBSvc) - Unknown owner - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (file missing) O23 - Service: BBUpdate - Unknown owner - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (file missing) O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MaintainerSvc1.92.5302915 - Unknown owner - C:\ProgramData\ecbaef90-5696-41e1-a1c3-3e8112ce2840\maintainer.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: VAIO Care Performance Service 
(SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. 
- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - 
C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\stefanie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TXR3MRTF will be deleted at reboot C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MC52L4OR will be deleted at reboot C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MC52L4OR will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\stefanie\AppData\Local\Mozilla\Firefox\Profiles\cnnl7whq.default\cache2 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Mozilla\Firefox\Profiles\wut3mccf.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=5030 folders=1289 272875136 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\stefanie\AppData\Local\Temp will be emptied at reboot C:\Windows\SysNative\config\systemprofile\AppData\Local\Temp 
emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\stefanie\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files (x86)\Microsoft\BingBar" not found "C:\Program Files (x86)\Framed Display" not found "C:\PROGRA~2\Framed Display" not found "C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TXR3MRTF" deleted "C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MC52L4OR" not found "C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MC52L4OR" not found ==== EOF on di 04/11/2014 at 19:08:39,98 ======================