Zoek.exe v5.0.0.0 Updated 21-09-2015
Tool run by Gunther on di 22-09-2015 at 20:53:35,20.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gunther\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================
22-9-2015 20:56:54 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================
C:\PROGRA~2\G Data deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\OCSetup deleted successfully
C:\PROGRA~2\TomTom DesktopSuite deleted successfully
C:\Program Files\log deleted successfully
C:\PROGRA~3\APN deleted successfully
C:\PROGRA~3\iolo deleted successfully
C:\PROGRA~3\TrueSuite deleted successfully
C:\Users\Gunther\AppData\Roaming\iolo deleted successfully
C:\Users\Gunther\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\Gunther\AppData\Roaming\Systweak deleted successfully
C:\Users\Gunther\AppData\Roaming\Windows Live Writer deleted successfully

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2067256560-3667655080-3368145823-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5cb2b77d-c8ca-44db-af20-a7a4df462a12} deleted successfully
HKEY_USERS\S-1-5-21-2067256560-3667655080-3368145823-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5cb2b77d-c8ca-44db-af20-a7a4df462a12} deleted successfully
HKEY_USERS\S-1-5-21-2067256560-3667655080-3368145823-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_USERS\S-1-5-21-2067256560-3667655080-3368145823-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_USERS\S-1-5-21-2067256560-3667655080-3368145823-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} deleted successfully
HKEY_USERS\S-1-5-21-2067256560-3667655080-3368145823-1001\Software\Microsoft\Internet Explorer\SearchScopes\{C0CEB74F-269C-4DB0-BDF6-FE7B12FAFB68} deleted successfully
HKEY_USERS\S-1-5-21-2067256560-3667655080-3368145823-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF3BD4A2-7B2E-4908-8829-0E8C591B75EA} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{5cb2b77d-c8ca-44db-af20-a7a4df462a12} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{5cb2b77d-c8ca-44db-af20-a7a4df462a12} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5cb2b77d-c8ca-44db-af20-a7a4df462a12} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5cb2b77d-c8ca-44db-af20-a7a4df462a12} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""=-

==== Batch Command(s) Run By Tool======================
C:\Windows\system32\appdata deleted

==== Deleting Files \ Folders ======================
C:\PROGRA~2\G Data not found
C:\PROGRA~2\OCSetup not found
C:\PROGRA~2\TomTom DesktopSuite not found
C:\Windows\syswow64\appdata deleted
C:\install.exe deleted
C:\Users\Gunther\AppData\Roaming\Thinstall deleted
C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Avkwctl.log deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\gdscan.log deleted
C:\PROGRA~3\{93E26451-CD9A-43A5-A2FA-C42392EA4001} deleted
C:\Users\Gunther\AppData\Local\Thinstall deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\Gunther\Desktop\Continue FLV Player Installation.lnk deleted
"C:\Windows\Installer\18266ebb.msi" deleted
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" deleted
"C:\Program Files (x86)\Microsoft\BingBar" not deleted

==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Gunther\AppData\Local\Temp ====
2015-09-22 18:29:07 78F768C4E0BD116AAF5EE41D760F899D 71168 ----a-w- C:\Users\Gunther\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp8m0qas.dll
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-09-16 19:56:41 3ABF91A857527DEAFF1361CD3CD4ACC6 74703 ----a-w- C:\Windows\SysWOW64\mfc45.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2015-09-16 19:56:50 1ED7A8574A28357097A5CB4063C96B00 13792 ----a-w- C:\Windows\Sysnative\drivers\semav6thermal64ro.sys
2015-09-11 16:48:09 8F22037D3F5A6BB676525D825A1388B9 113880 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2015-09-11 16:47:59 E681CE4AE5C09651D53CB4387CA3560E 109272 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys
2015-09-11 16:47:59 AE757332EA130E94E646621CC695B52A 63704 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys
====== C:\Windows\Tasks ======
2015-09-16 19:56:56 5CFF7CC7748E1E131B8AFC8174E9B1ED 3142 ----a-w- C:\Windows\Sysnative\Tasks\USER_ESRV_SVC
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-09-21 21:11:14 -------- d-----w- C:\Program Files\trend micro
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\Gunther\AppData\Roaming ======
2015-09-16 19:57:50 -------- d-----w- C:\Users\Gunther\AppData\Local\Sony Corporation
2015-09-05 12:32:41 -------- d-----w- C:\Users\Gunther\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
====== C:\Users\Gunther ======
2015-09-21 21:10:34 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gunther\Downloads\RSITx64.exe
2015-09-21 19:32:54 D3B6FA14CB7E12B7FBC0B3AA26235898 24345872 ----a-w- C:\Users\Gunther\Downloads\mbam-setup-2.1.8.1057.exe
====== C: exe-files ==
2015-09-21 21:11:20 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Gunther.exe
2015-09-21 21:10:34 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gunther\Downloads\RSITx64.exe
2015-09-21 21:09:38 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gunther\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VSZ9U48B\RSITx64.exe
2015-09-21 19:32:54 D3B6FA14CB7E12B7FBC0B3AA26235898 24345872 ----a-w- C:\Users\Gunther\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-16 19:56:34 E7E8E214FBCB0872BD83E0BC656D654F 279427 ----a-w- C:\Program Files (x86)\Sony\MSS\uninstall.exe
2015-09-16 19:53:23 D7E3FCF807F48045734DA103A16C60CC 115133304 ----a-w- C:\Update\EP0000323627\EP0000323627.exe
2015-09-16 19:47:06 77352A5A0833B1CA3B771148DA535CB6 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleUpdateWebPlugin.exe
2015-09-16 19:47:05 FAC17E42199598C0352B9F5DC2EFFC85 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe
2015-09-16 19:47:05 61A77DDEF5E8D85E8B0955C4E5127B39 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleUpdateBroker.exe
2015-09-16 19:46:37 5FB9C6A9318DA7E9ED3C92BB4C2DCC0E 27320840 ----a-w- C:\ProgramData\Sony Corporation\VAIO Update Installer\EP0000320839.exe
2015-09-16 19:46:37 3C6AF171F224F5E996DCE49223338F55 2842672 ----a-w- C:\Program Files\Sony\VAIO Update\VUSR.exe
2015-09-16 19:45:50 5C1181EE87434D85380B3067D5F156FE 64560 ----a-w- C:\Program Files\Sony\VAIO Update\InternetWrapper.exe
2015-09-16 19:45:50 284C58B51D6148155A66B82DE7E9C22E 96816 ----a-w- C:\Program Files\Sony\VAIO Update\VUSUTrigger.exe
2015-09-16 19:45:48 C1FAE2E81955DCCD79034A23EC4F3F37 1642544 ----a-w- C:\Program Files\Sony\VAIO Update\VUAgent.exe
2015-09-16 19:45:48 B446A8C534E6E351164E215EF6DB3DC8 37424 ----a-w- C:\Program Files\Sony\VAIO Update\ShellExeProxy.exe
2015-09-16 19:45:48 91A500A3EA909C0F39D63BAD87EB15F6 1196080 ----a-w- C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
2015-09-16 19:45:47 D9A15F83CB6E5901A63F24CD7D58DBAF 929872 ----a-w- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleUpdateSetup.exe
2015-09-16 19:44:01 8765AC848BFDEF42AA15F8EC871F283B 752824 ----a-w- C:\ProgramData\Sony Corporation\Sony Packaging Manager\PackagingTemp\{B22B6101-B456-4139-B671-8A69D54FE58D}\UpdateModuleSetup.exe
2015-09-16 19:43:04 BFDCC0375C492C524E78647CEED3F77D 130888 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleUpdateComRegisterShell64.exe
2015-09-16 19:42:51 E337785DA1958E9AB02DDB2369EF46E8 307016 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
2015-09-16 19:42:39 A72BB48D9014A7D7C05F02F595F52D60 245576 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
2015-09-16 19:41:18 053EEEE1ABAE53F044F1E386E22AE525 144200 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleUpdate.exe
2015-09-16 19:40:53 D9A15F83CB6E5901A63F24CD7D58DBAF 929872 ----a-w- C:\Program Files (x86)\Google\Update\Install\{28C04448-E50B-4516-93AB-BB228EE771C3}\GoogleUpdateSetup.exe
2015-09-16 19:40:53 D9A15F83CB6E5901A63F24CD7D58DBAF 929872 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.28.15\GoogleUpdateSetup.exe
=== C: other files ==
2015-09-16 19:56:56 93A07D50CF125FEA0DB9915CE87A49D3 726 ----a-w- C:\Program Files\Sony\VAIO Care\ESRV\task.bat
2015-09-16 19:56:56 5835442999D7DDF327A99DB0633B8E19 174 ----a-w- C:\Program Files\Sony\VAIO Care\ESRV\task.vbs
2015-09-16 19:56:50 1ED7A8574A28357097A5CB4063C96B00 13792 ----a-w- C:\Windows\System32\drivers\semav6thermal64ro.sys

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2067256560-3667655080-3368145823-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
"AppleIEDAV"="C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe"
"LaCie Desktop Manager Startup"="C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe"
"Sony PC Companion"="C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe /Background"
"Dropbox Update"="C:\Users\Gunther\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"ISBMgr.exe"="C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
"Adobe Acrobat Speed Launcher"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
"Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup"
"ArcSoft Connection Service"="C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
"AppleIEDAV"="C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe"
"LaCie Desktop Manager Startup"="C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe"
"Sony PC Companion"="C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe /Background"
"Dropbox Update"="C:\Users\Gunther\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 "
"IntelPAN"="C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe /tf Intel PAN Tray"
"BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll,TrayApp"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"ClientAppLogon"="C:\Program Files\TrueSuite\TrueSuite.ClientAppLogonExe.exe"
"ClientAppLogon32"="C:\Program Files\TrueSuite\x86\TrueSuite.ClientAppLogonExe.exe"
"LaCie Desktop Manager Launcher"="C:\Program Files\LaCie\Desktop Manager\lacie_launcherd.exe"
"CanonSolutionMenu"="C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Registry Disabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe Reader Speed Launcher"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\""

==== Startup Folders ======================
2013-09-09 19:21:09 1145 ----a-w- C:\Users\Gunther\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2013-11-05 20:17:03 1300 ----a-w- C:\Users\Gunther\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk

==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [22-09-2015 21:08]
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2067256560-3667655080-3368145823-1001Core.job --a------ C:\Users\Gunther\AppData\Local\Dropbox\Update\DropboxUpdate.exe [17-06-2015 06:48]
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2067256560-3667655080-3368145823-1001UA.job --a------ C:@C:\Users\Gunther\AppData\Local\Dropbox\Update\DropboxUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30-08-2015 10:34]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30-08-2015 10:34]

==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Gunther-VAIO-Gunther" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\SysNative\tasks\Apple Diagnostics" [C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-2067256560-3667655080-3368145823-1001Core" [C:\Users\Gunther\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-2067256560-3667655080-3368145823-1001UA" [C:\Users\Gunther\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\WSCStub.exe"]
"C:\Windows\SysNative\tasks\USER_ESRV_SVC" ["C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\Norton Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\SymErr.exe]
"C:\Windows\SysNative\tasks\Norton Security\Norton Error Processor" [C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\SymErr.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\ActiveStatusCollect" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\AutoCheckMessage" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\CheckSystemInfo" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\CRMReminder" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\DeployCRMflag" ["%ProgramFiles%\Sony\VAIO Care\DeployCRMflag.exe"]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\GetPOTInfo" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\UpdateSolution" ["%ProgramFiles%\Sony\VAIO Care\Solution.Updater.exe"]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\UploadPOT" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VAIO Care" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VCCheckIolo" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VCMetrics" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VCOneClick" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VCRLog" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VCSelfHeal" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Control Center\Level4Daily" [C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Control Center\Level4Month" [C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Gate\StartExecuteProxy" ["%programfiles%\Sony\VAIO Gate\ExecutionProxy.exe"]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Gate\VAIO Gate" [C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader" [C:\Program Files\Sony\VAIO Improvement\viuploader.exe]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation" [C:\Program Files\Sony\VAIO Improvement Validation\viv.exe]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Power Management\VPM Logon Start" [C:\Program Files\Sony\VAIO Power Management\SPMgr.exe]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Power Management\VPM Session Change" [C:\Program Files\Sony\VAIO Power Management\SPMgr.exe]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Power Management\VPM Unlock" [C:\Program Files\Sony\VAIO Power Management\SPMgr.exe]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start" [C:\Program Files\Sony\VAIO Smart Network\VSNClient]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Update\VAIO Update" ["C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe"]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair" [C:\Program Files\Sony\VAIO Update\VUSR.exe]

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.1.0.9\coFFPlgn" [22-09-2015 20:30]

==== Firefox Extensions ======================
ProfilePath: C:\Users\Gunther\AppData\Roaming\TomTom\HOME\Profiles\o4iglo40.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.8.010.9369@tomtom.com
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

==== Firefox Plugins ======================

==== Chromium Look ======================
Google Chrome Version: 45.0.2454.85
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
cjabmdjcfcfdmffimndhafhblfmpjdpe - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\Exts\Chrome.crx[10-07-2015 06:03]
iikflkcanblccfahdhdonehdalibjnif - No path found[]
oiokdoppleiafjmfmggefbkghfblaplo - C:\Program Files\TrueSuite\x86\tschrome.crx[29-11-2010 13:57]
YouTube - Gunther\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Norton Security Toolbar - Gunther\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe
Google Search - Gunther\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Norton Identity Safe - Gunther\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif
Chrome Web Store Payments - Gunther\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Website Logon - Gunther\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokdoppleiafjmfmggefbkghfblaplo
Gmail - Gunther\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{2ABBC805-F49B-42CB-8024-40F30CE49714} eBay Url="http://rover.ebay.com/rover/1/1346-81661-16445-14/4?mpre=http://shop.ebay.nl/?oemInLn=ieSrch-Q311&_nkw={searchTerms}"
{83E5A564-9D4B-4139-8441-1679E340957A} Zinio Url="http://services.zinio.com/search?s={searchTerms}&rf=sonyslices"

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2067256560-3667655080-3368145823-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-2067256560-3667655080-3368145823-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D2A425F405350054677A7A857BC02210 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D2A425F405350054677A7A857BC02210 deleted successfully

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gunther\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Gunther\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gunther\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2PDR1EEP will be deleted at reboot
C:\Users\Gunther\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VSZ9U48B will be deleted at reboot
C:\Users\Gunther\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZNF552O3 will be deleted at reboot

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
C:\Users\Gunther\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=3426 folders=1116 20718325 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Gunther\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Gunther\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\Program Files (x86)\Microsoft\BingBar" not found
"C:\Users\Gunther\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2PDR1EEP" not found
"C:\Users\Gunther\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VSZ9U48B" not found
"C:\Users\Gunther\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZNF552O3" not found

==== EOF on di 22-09-2015 at 21:49:28,25 ======================