Zoek.exe v5.0.0.0 Updated 20-Januari-2014 Tool run by Raph on ma 20-01-2014 at 14:24:02,88. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Raph\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-01-20-131309.log 21225 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1871918496-666461717-3363737214-1001\Software\Microsoft\Internet Explorer\SearchScopes\{1C39E8B7-EDBC-48C6-B25A-DB918FAF0042} deleted successfully HKEY_USERS\S-1-5-21-1871918496-666461717-3363737214-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} deleted successfully HKEY_USERS\S-1-5-21-1871918496-666461717-3363737214-1001\Software\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\Microsoft\BingBar not found C:\PROGRA~2\WinThruster deleted C:\ProgramData\UpdaterLog.txt deleted C:\WINDOWS\SysNative\roboot64.exe deleted C:\Users\Raph\AppData\LocalLow\IAC deleted C:\Users\Raph\AppData\LocalLow\Delta deleted C:\WINDOWS\SysWow64\AI_RecycleBin deleted ==== Files Found In C:\WINDOWS\ELAMBKUP ====================== 2012-06-20 21:27:30 23448 ------w- 42947647F71E9EF2167B42B372F1DDB7 C:\WINDOWS\ELAMBKUP\2465978022 2013-09-10 02:47:38 23568 ----a-r- 20F758E6339A16F97DD83389D582E09A C:\WINDOWS\ELAMBKUP\SYMELAM.SYS ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\Users\Raph\AppData\Local\Temp ==== 2014-01-14 13:26:53 1D461686B0E32F2DECB587C895A05402 120240 ------w- C:\Users\Raph\AppData\Local\Temp\{9F1976AC-BA2B-44FE-94E0-D93A5A656411}\ISBEW64.exe 2014-01-14 13:22:18 1D461686B0E32F2DECB587C895A05402 120240 ------w- C:\Users\Raph\AppData\Local\Temp\{DDBE9111-1220-45CC-8AA8-5C4C20756FB3}\ISBEW64.exe 2014-01-14 10:06:44 1D461686B0E32F2DECB587C895A05402 120240 ------w- C:\Users\Raph\AppData\Local\Temp\{278B97A7-B3E4-4C1A-BAB9-584F4C9F7E56}\ISBEW64.exe 2014-01-14 10:00:41 1D461686B0E32F2DECB587C895A05402 120240 ------w- C:\Users\Raph\AppData\Local\Temp\{4B7E395D-EDFF-4187-90C9-FFDC659EEBA4}\ISBEW64.exe 2014-01-14 10:00:21 1D461686B0E32F2DECB587C895A05402 120240 ------w- C:\Users\Raph\AppData\Local\Temp\{3960A8F3-BAF5-408F-AF9C-EDEC0AA00A9B}\ISBEW64.exe 2014-01-14 09:57:38 171F1BB73D0238A7A56126D3459ECDCD 50432 ----a-w- C:\Users\Raph\AppData\Local\Temp\Extract.exe 2014-01-11 22:39:02 3CCFF27A792471A15B7589D7885A5BAE 375642216 ----a-w- C:\Users\Raph\AppData\Local\Temp\SP64726.exe ====== C:\WINDOWS\SysWOW64 ===== 2014-01-15 09:42:52 ED8ED1CE6CAB56103230E2097763DC2B 695808 ----a-w- C:\WINDOWS\SysWOW64\WSShared.dll 2014-01-15 09:42:51 B6D28E8DC13F9EAF8B74BDB4F3DD9781 174592 ----a-w- C:\WINDOWS\SysWOW64\WSClient.dll 2014-01-15 09:42:50 73D0837E97CD7368BCA7DE4E373B8503 103936 ----a-w- C:\WINDOWS\SysWOW64\OEMLicense.dll 2014-01-10 20:17:41 BFBA3B9F2729B98ED53406F6A429C6F0 962536 ------w- C:\WINDOWS\SysWOW64\M2ElevatedNetworkAdapters.dll 2014-01-10 20:17:41 99AA8AC77F52E184E3B050EB617C431E 3748768 ------w- C:\WINDOWS\SysWOW64\M2ElevatedCalls.dll 2014-01-10 20:17:41 6EF65A0148DFBA5F82C3EB04C3B04BDD 3490208 ------w- C:\WINDOWS\SysWOW64\m2network64helper.exe 2014-01-10 20:17:41 60942D965663A33F4C09CF85805295F5 3368344 ------w- C:\WINDOWS\SysWOW64\M2LU_Server.exe 2014-01-10 20:17:41 4E72CB2C820006678A3E78F6420FFF7C 238592 ------w- C:\WINDOWS\SysWOW64\WiFiMan.dll 2014-01-10 20:17:41 4B0465C7E934FA0EF98CF663F5BCA74B 151552 ------w- C:\WINDOWS\SysWOW64\ssleay32.dll 2014-01-10 20:17:41 263AF932C3D1A8A876F122E32498E058 692224 ------w- C:\WINDOWS\SysWOW64\libeay32.dll 2014-01-10 20:17:41 1A91F4E61868E8DB3D0ACF0469994A31 876192 ------w- C:\WINDOWS\SysWOW64\ipworks8.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2014-01-15 09:42:53 EF5A9D7523E4530D2030D4EA2D90FEC3 787968 ----a-w- C:\WINDOWS\Sysnative\uDWM.dll 2014-01-15 09:42:52 D8E3A4701376CCFD0BE542D745FA4809 3395920 ----a-w- C:\WINDOWS\Sysnative\WSService.dll 2014-01-15 09:42:51 E3E168E733B0E8383BA5635542FDB96F 848384 ----a-w- C:\WINDOWS\Sysnative\WSShared.dll 2014-01-15 09:42:51 3E245CCA42D78B9626A79FE77E111D7B 84480 ----a-w- C:\WINDOWS\Sysnative\WSCollect.exe 2014-01-15 09:42:51 294AAE73D0D7BDAACC5224BC7334077B 206336 ----a-w- C:\WINDOWS\Sysnative\WSClient.dll 2014-01-15 09:42:50 30AE1D2A418A6C128CF3BD6EA37354DB 138240 ----a-w- C:\WINDOWS\Sysnative\OEMLicense.dll 2014-01-10 20:17:41 433DC2585FEFD00133A26CEF17ED306A 279040 ------w- C:\WINDOWS\Sysnative\WiFiMan.dll ====== C:\WINDOWS\Sysnative\drivers ===== ====== C:\WINDOWS\Tasks ====== 2014-01-05 12:39:20 8573D436DB4475606CFCCAD7D8E8C017 5050 ----a-w- C:\WINDOWS\Sysnative\Tasks\Microsoft Office 15 Sync Maintenance for RAPH-lieke_000 raph ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2014-01-17 10:30:19 -------- d-----w- C:\Program Files\trend micro 2014-01-15 19:50:28 -------- d-----w- C:\Program Files\Speccy ======= C:\PROGRA~2 ===== 2014-01-10 20:17:41 -------- d-----w- C:\PROGRA~2\KPN ======= C: ===== ====== C:\Users\Raph\AppData\Roaming ====== 2014-01-10 20:17:45 -------- d-----w- C:\Users\Raph\AppData\Local\mquadr.at 2014-01-05 13:18:42 -------- d-----w- C:\Users\lieke_000\AppData\Locallow\Temp 2013-12-23 21:29:04 -------- d-----w- C:\Users\Raph\AppData\Local\Microsoft Help ====== C:\Users\Raph ====== 2014-01-20 13:13:02 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp 2014-01-17 10:34:15 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Raph\Downloads\RSITx64.exe 2014-01-15 19:48:43 8141DC2382882BD14BE556D7CA8650C3 4779896 ----a-w- C:\Users\Raph\Downloads\spsetup124.exe 2014-01-10 20:18:02 -------- d-----w- C:\ProgramData\mquadr.at 2014-01-10 20:17:47 -------- dc-h--w- C:\ProgramData\{52874002-DBBD-4BCC-A8A4-B080652985C6} 2014-01-10 20:17:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KPN ====== C: exe-files == 2014-01-17 10:39:16 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Raph\AppData\Local\Microsoft\Windows\INetCache\IE\UHSWU7VZ\RSITx64.exe 2014-01-17 10:34:15 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Raph\Downloads\RSITx64.exe 2014-01-17 10:30:19 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Raph.exe 2014-01-17 09:57:41 1D0A1FF655C6CF2EA2DE4FB6AA8246AD 9046696 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.76\32.0.1700.76_31.0.1650.63_chrome_updater.exe 2014-01-15 19:49:09 1F391B0BC70DC207F94FDC49E2F254EE 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1871918496-666461717-3363737214-1001\$IH44S2T.exe 2014-01-15 19:48:43 8141DC2382882BD14BE556D7CA8650C3 4779896 ----a-w- C:\Users\Raph\Downloads\spsetup124.exe 2014-01-15 13:13:03 FAF662699E5B406660BD85E514E73C45 27448 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDisc_Darwin_US.exe 2014-01-15 13:13:03 F6D2EA7FCB0F094B53CB88480FB5E582 30424 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_SmartFriendAwareness_Ex.exe 2014-01-15 13:13:03 51D3A8E9A26EA3DE98A80BF117519F85 42712 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BackupYourImportantData_EMEA.exe 2014-01-15 13:13:03 2EEE5D8BCE7D62C7A971FEC350209F0B 44344 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDisc_Darwin_NSPOS.exe 2014-01-15 13:13:03 2DA14CADC35E8CAEC6D0FD7D3A5844C2 21208 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_GuestAccount.exe 2014-01-15 09:52:28 02F4D77F2B1CAA08373732876F08B48C 548536 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\MSOSQM.EXE 2014-01-15 09:52:26 85752D8DDA1CDDC368EEA9C6966D6FB9 3685544 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\XLICONS.EXE 2014-01-15 09:52:26 639299F6C2DEFC95D32C7E31F3FDCE2C 3015336 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\WORDICON.EXE 2014-01-15 09:52:26 120A8C96BDACA0E996EECA1C4249DA3C 840400 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\DW20.EXE 2014-01-15 09:52:21 51E80A4215C91A46527A6D228FC41F92 78576 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE 2014-01-15 09:52:20 6F9EC2DAD5C2A7D2A6DB55D56B1DEC48 6847704 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CMigrate.exe 2014-01-15 09:52:19 D7FD2973A893C9FA7EA28601E8B4D924 39584 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\AppSharingHookController64.exe 2014-01-15 09:52:16 286F022920B7CC5517FE26F44D8F0450 5117144 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CMigrate.exe 2014-01-15 09:52:14 4AC57AC05DA1416F09007F531BFA1C1D 9555120 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\PDFREFLOW.EXE 2014-01-15 09:52:11 FC8A57867331A885888BF10A567C03F7 3509416 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\PPTICO.EXE 2014-01-15 09:52:11 9E3D974459750742C522CDA7219F9553 871088 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\protocolhandler.exe 2014-01-15 09:52:08 5422FAE4C8AE9022A0A6F2D61C2891D9 471784 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\DWTRIG20.EXE 2014-01-15 09:52:06 2A04D9554504C9805ABD8F3042CF41CE 614568 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\MSOICONS.EXE 2014-01-15 09:51:41 2162E8E0CEA552E3D065BB89CFA3FC64 1046232 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe 2014-01-15 09:51:27 F7650D69291A0C4279CE810C18E0905B 496832 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSOUC.EXE 2014-01-15 09:51:27 F0880D165AD001E330D6B83A9342F544 228544 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\CLVIEW.EXE 2014-01-15 09:51:27 AB898EC1FFD8B8B3494EE5F383189421 448704 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE 2014-01-15 09:51:26 ED1993B0AB3C052FA41CB13DFFF3F9B0 478936 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\SELFCERT.EXE 2014-01-15 09:51:25 AC5207389149F97C62B068E01D8D0065 4522176 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\GRAPH.EXE 2014-01-15 09:51:25 042C55F9E4AB4F24CAD326D171071EF6 21888160 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\excelcnv.exe 2014-01-15 09:51:24 BCC72321A7A78B43D416488083D30429 515312 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\IEContentService.exe 2014-01-15 09:51:23 60901242B582AA7A4BAFA33BB7B00D2A 569592 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ORGCHART.EXE 2014-01-15 09:51:23 23B463D92C869A3858D652DAC23952FD 1026728 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\misc.exe 2014-01-15 09:51:22 A81D08D5FD2C6D05460C3D7A2ADC2C7D 526024 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\VPREVIEW.EXE 2014-01-15 09:50:36 A343694339F33F68AFCE279A5A23388F 566480 ----a-w- C:\Program Files\Microsoft Office 15\root\Integration\Integrator.exe 2014-01-15 09:48:46 D492087C8BC54DEAC2F293AB770E6625 1746600 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ONENOTE.EXE 2014-01-15 09:48:26 44BEB5BCABCFC46BE32C4AC191CF943E 1923232 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE 2014-01-15 09:48:21 FF7238051E8A7A4F1832071F9E549ECA 25623712 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE 2014-01-15 09:42:51 F8309DE5A45867745C7AA835DF50AA29 25304 ----a-w- C:\Windows\WinStore\WSHost.exe 2014-01-15 09:42:51 3E245CCA42D78B9626A79FE77E111D7B 84480 ----a-w- C:\Windows\System32\WSCollect.exe 2014-01-14 13:32:43 545556BE8ECCE669384E160DEEA7C9A3 41448 ------w- C:\Program Files (x86)\CyberLink\Shared files\richvideouninstall.exe 2014-01-14 13:32:43 4648F5001496411B0C4CD96B6A5412B5 45544 ------w- C:\Program Files (x86)\CyberLink\Shared files\richvideoinstall.exe 2014-01-14 13:32:43 41DDCF1ADD1FB7DE23DCF671740DDBE6 254512 ------w- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2014-01-14 13:31:27 1D39A4A49F4D7D4F1D1380DCF2245C74 320472 ------w- C:\ProgramData\Temp\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\Setup.exe 2014-01-14 13:26:53 1D461686B0E32F2DECB587C895A05402 120240 ------w- C:\Users\Raph\AppData\Local\Temp\{9F1976AC-BA2B-44FE-94E0-D93A5A656411}\ISBEW64.exe 2014-01-14 13:22:18 1D461686B0E32F2DECB587C895A05402 120240 ------w- C:\Users\Raph\AppData\Local\Temp\{DDBE9111-1220-45CC-8AA8-5C4C20756FB3}\ISBEW64.exe 2014-01-14 13:21:56 B5D17F862276D1183B4D65F3C03AA6A9 868840 ----a-w- C:\SWSetup\sp64726\ShareFiles\Share_x86\EffectExtractor.exe 2014-01-14 13:21:56 545556BE8ECCE669384E160DEEA7C9A3 41448 ----a-w- C:\SWSetup\sp64726\Richvideo\RichVideoUnInstall.exe 2014-01-14 13:21:56 4648F5001496411B0C4CD96B6A5412B5 45544 ----a-w- C:\SWSetup\sp64726\Richvideo\RichVideoInstall.exe 2014-01-14 13:21:56 41DDCF1ADD1FB7DE23DCF671740DDBE6 254512 ----a-w- C:\SWSetup\sp64726\Richvideo\RichVideo.exe 2014-01-14 13:21:54 5689D43C3B201DD3810FA3BBA4A6476A 4216840 ----a-w- C:\SWSetup\sp64726\vcredist_x86.exe 2014-01-14 13:21:52 1D39A4A49F4D7D4F1D1380DCF2245C74 320472 ----a-w- C:\SWSetup\sp64726\setup.exe 2014-01-14 13:21:34 A69B1061AED3024A68DF5FBABD3C6D31 98864 ----a-w- C:\SWSetup\sp64726\CLSM.exe 2014-01-14 13:21:34 A51D90F2F9394F5EA0A3ACAE3BD2B219 163840 ----a-w- C:\SWSetup\sp64726\7z.exe 2014-01-14 12:41:59 EE6AB2366FE30B192081224D4D47D5B9 910992 ----a-w- C:\Users\Raph\AppData\Local\Microsoft\Windows\INetCache\IE\0KVAYS4E\AutoDetectPkg.exe 2014-01-14 12:10:53 BE2456EF1DC8362DDDEAFE6F19EB3621 2510336 ----a-w- C:\Users\Raph\AppData\Local\Packages\89BE6D5D.KPNiTVOnline_j9c080ve9enp0\AC\Microsoft\CLR_v4.0\NativeImages\KPN\1f21d91190451c9697f4e0951c3414f2\KPN.ni.exe 2014-01-14 12:10:42 111263E99D85DC4826859D67A7472969 286720 ----a-w- C:\Users\Raph\AppData\Local\Packages\55667CoolStoreDevsPandora.YouTubeHD_fsgj3pht8nmqt\AC\Microsoft\CLR_v4.0_32\NativeImages\YandexTouch\5466e197bac72acae832e49459dee70e\YandexTouch.ni.exe 2014-01-14 12:10:41 69F8CEE0D7F4C9F3E6C405C905ECA5F7 1252864 ----a-w- C:\Users\Raph\AppData\Local\Packages\87EC9D29.AEGONPensioenApp_fb7pe66ja9age\AC\Microsoft\CLR_v4.0\NativeImages\AegonPensioenApp\908e44ebba23b8741adb32071ca65bf4\AegonPensioenApp.ni.exe 2014-01-14 10:06:44 1D461686B0E32F2DECB587C895A05402 120240 ------w- C:\Users\Raph\AppData\Local\Temp\{278B97A7-B3E4-4C1A-BAB9-584F4C9F7E56}\ISBEW64.exe 2014-01-14 10:00:41 1D461686B0E32F2DECB587C895A05402 120240 ------w- C:\Users\Raph\AppData\Local\Temp\{4B7E395D-EDFF-4187-90C9-FFDC659EEBA4}\ISBEW64.exe 2014-01-14 10:00:21 1D461686B0E32F2DECB587C895A05402 120240 ------w- C:\Users\Raph\AppData\Local\Temp\{3960A8F3-BAF5-408F-AF9C-EDEC0AA00A9B}\ISBEW64.exe 2014-01-14 09:57:38 171F1BB73D0238A7A56126D3459ECDCD 50432 ----a-w- C:\Users\Raph\AppData\Local\Temp\Extract.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-1871918496-666461717-3363737214-1001\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "MyDriveConnect.exe"="C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" "YouCam Service"="C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe /s" "HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "KPN Assistent"="C:\Program Files (x86)\KPN\KPN Assistent\KPN_Assistent.exe /auto" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "MyDriveConnect.exe"="C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "lxeamon.exe"="C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe" "EzPrint"="C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe" "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" "Persistence"="C:\WINDOWS\system32\igfxpers.exe" "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe Update" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30-10-2013 00:45] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30-10-2013 00:45] C:\WINDOWS\tasks\HPCeeScheduleForRaph.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [13-09-2010 21:15] C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job --a-------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [30-10-2013 11:18] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe"] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{1731C514-5CCB-4B43-B589-A0B55C222921}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{B17A0575-2E44-4DC3-B110-61BF963E708D}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon" [C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe] "C:\WINDOWS\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\SymErr.exe] "C:\WINDOWS\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\SymErr.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF" [12-01-2014 00:49] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\Exts\Chrome.crx[09-12-2013 10:38] Docs - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Norton Identity Protection - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Gmail - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Docs - lieke_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - lieke_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - lieke_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - lieke_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Norton Identity Protection - lieke_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Google Wallet - lieke_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - lieke_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Docs - Raph\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Raph\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Raph\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Raph\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Norton Identity Protection - Raph\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Chrome In-App Payments service - Raph\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Raph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1346-154357-12126-2/4?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}" ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Users\lieke_000\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\lieke_000\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Users\Raph\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Raph\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\lieke_000\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Raph\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3555 folders=1051 21856895 bytes) ==== Empty Temp Folders ====================== C:\Users\Administrator\AppData\Local\Temp emptied successfully C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Gast\AppData\Local\Temp emptied successfully C:\Users\lieke_000\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Raph\AppData\Local\Temp will be emptied at reboot C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Raph\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on ma 20-01-2014 at 14:40:09,10 ======================