Zoek.exe v5.0.0.0 Updated 13-July-2014 Tool run by Thierry on zo 13/07/2014 at 15:19:10,63. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Thierry\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 13/07/2014 15:20:51 Zoek.exe System Restore Point Created Succesfully. ==== Reset Hosts File ====================== # Copyright (c) 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host 127.0.0.1 localhost ==== Empty Folders Check ====================== C:\PROGRA~2\Packard Bell deleted successfully C:\PROGRA~3\Canon IJ Network Tool deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1049643930-549260389-1984244956-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully HKEY_CLASSES_ROOT\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Tools for .Net 3.5 Adobe Flash Player 14 Plugin Adobe Reader XI (11.0.07) - Nederlands Adobe Shockwave Player 12.0 Avira Avira Free Antivirus AzureTools.Notifications.VwdExpress Blend for Visual Studio Add-in for Adobe FXG Import Blend for Visual Studio SDK for .NET 4.5 Blend for Visual Studio SDK for Silverlight 5 Build Tools - amd64 Build Tools - x86 Build Tools Language Resources - amd64 Build Tools Language Resources - x86 Canon IJ Network Scanner Selector EX Canon IJ Network Tool Canon MX890 series MP Drivers CCleaner CyberLink LabelPrint CyberLink Media Suite 10 Cyberlink PhotoDirector CyberLink Power2Go 8 CyberLink PowerDirector 10 CyberLink PowerDVD 12 CyberLink YouCam D3DX10 DisableMSDefender Dropbox Energy Star Entity Framework Designer for Visual Studio 2012 - enu Entity Framework Tools for Visual Studio 2013 Fotogalerie Galerie de photos Google Chrome Google Drive Google Update Helper Hewlett-Packard ACLM.NET v1.2.2.3 HP 3D DriveGuard HP Connected Music (Meridian - installer) HP Connected Music (Meridian - player) HP CoolSense HP Customer Experience Enhancements HP Documentation HP Postscript Converter HP Quick Start HP Recovery Manager HP Registration Service HP Support Assistant HP System Event Utility HP Utility Center HP Wireless Button Driver IIS 8.0 Express IIS Express Application Compatibility Database for x64 IIS Express Application Compatibility Database for x86 Install Finalizer Intel(R) Management Engine Components Intel(R) Processor Graphics Intel(R) Rapid Storage Technology Intel(R) SDK for OpenCL - CPU Only Runtime Package Intel© Trusted Connect Service Client Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft .NET Framework 4.5 Multi-Targeting Pack Microsoft .NET Framework 4.5 SDK Microsoft .NET Framework 4.5.1 Multi-Targeting Pack Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) Microsoft .NET Framework 4.5.1 SDK Microsoft Application Error Reporting Microsoft ASP.NET and Web Frameworks 2012.2 Microsoft ASP.NET and Web Tools 2013.1 - Visual Studio Express 2012 for Web Microsoft ASP.NET and Web Tools 2013.1 - Visual Studio Express 2013 for Web Microsoft ASP.NET MVC 3 - Visual Studio Express 2012 for Web Microsoft ASP.NET MVC 3 Microsoft ASP.NET MVC 4 - Visual Studio Express 2012 for Web - ENU Microsoft ASP.NET MVC 4 - Visual Studio Express 2013 for Web - ENU Microsoft ASP.NET MVC 4 Runtime Microsoft ASP.NET Visual Studio 2012 Finalizer Microsoft ASP.NET Visual Studio 2012 Uninstall Finalizer Microsoft ASP.NET Web Frameworks and Tools - Visual Studio Express 2013 for Web - ENU Microsoft ASP.NET Web Pages - Visual Studio Express 2012 for Web Microsoft ASP.NET Web Pages Microsoft ASP.NET Web Pages 2 - Visual Studio Express 2012 for Web - ENU Microsoft ASP.NET Web Pages 2 - Visual Studio Express 2013 for Web - ENU Microsoft ASP.NET Web Pages 2 Runtime Microsoft Expression Blend SDK for .NET 4 Microsoft Expression Blend SDK for Silverlight 4 Microsoft Help Viewer 2.0 Microsoft Help Viewer 2.1 Microsoft NuGet - Visual Studio Express 2012 for Web Microsoft NuGet - Visual Studio Express 2013 for Web Microsoft Office 365 - nl-nl Microsoft OneDrive Microsoft Portable Library Multi-Targeting Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2012 Command Line Utilities Microsoft SQL Server 2012 Data-Tier App Framework Microsoft SQL Server 2012 Data-Tier App Framework (x64) Microsoft SQL Server 2012 Express LocalDB Microsoft SQL Server 2012 Management Objects Microsoft SQL Server 2012 Management Objects (x64) Microsoft SQL Server 2012 Native Client Microsoft SQL Server 2012 T-SQL Language Service Microsoft SQL Server 2012 Transact-SQL Compiler Service Microsoft SQL Server 2012 Transact-SQL ScriptDom Microsoft SQL Server Compact 4.0 SP1 x64 ENU Microsoft SQL Server Data Tools - enu (11.1.20905.0) Microsoft SQL Server Data Tools - enu (12.0.30919.1) Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20905.0) Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) Microsoft SQL Server System CLR Types Microsoft SQL Server System CLR Types (x64) Microsoft System CLR Types for SQL Server 2012 Microsoft System CLR Types for SQL Server 2012 (x64) Microsoft Team Foundation Server 2013 Object Model (x64) Microsoft Team Foundation Server 2013 Object Model Language Pack (x64) - ENU Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Microsoft Visual Studio 2012 Express Prerequisites x64 - ENU Microsoft Visual Studio 2012 Preparation Microsoft Visual Studio 2012 Shell (Minimum) Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies Microsoft Visual Studio 2012 Shell (Minimum) Resources Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU Microsoft Visual Studio 2013 Express Prerequisites x64 - ENU Microsoft Visual Studio 2013 Preparation Microsoft Visual Studio 2013 Shell (Minimum) Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies Microsoft Visual Studio 2013 Shell (Minimum) Resources Microsoft Visual Studio 2013 Team Explorer Language Pack - ENU Microsoft Visual Studio Express 2012 for Web - ENU Microsoft Visual Studio Express 2013 for Web - ENU Microsoft Visual Studio Team Foundation Server 2012 Object Model Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources Microsoft Visual Studio Ultimate 2013 XAML UI Designer Core Microsoft Visual Studio Ultimate 2013 XAML UI Designer enu Resources Microsoft Web Deploy 3.5 Microsoft Web Deploy dbSqlPackage Provider - enu Microsoft Web Platform Installer 5.0 Microsoft WebMatrix 3 Movie Maker MSVCRT MSVCRT110 MSVCRT110_amd64 MySQL Connector Net 6.5.4 MySQL Server 5.1 Office 15 Click-to-Run Extensibility Component Office 15 Click-to-Run Licensing Component Office 15 Click-to-Run Localization Component Photo Common Photo Gallery Prerequisites for SSDT Ralink Bluetooth Stack64 Ralink RT3290 802.11bgn Wi-Fi Adapter Realtek Card Reader Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Samsung AllShare Skype Click to Call SkypeT 6.16 swMSM Synaptics Pointing Device Driver Team Explorer for Microsoft Visual Studio 2013 Update for (KB2504637) Update for Microsoft Visual Studio 2012 (KB2781514) Visual Studio 2012 Update 4 (KB2707250) Vuze Windows Azure Authoring Tools - v2.3 Windows Azure Compute Emulator - v2.3 Windows Azure Libraries for .NET - v2.3 Windows Azure Shared Components for Microsoft Visual Studio 2012 - v1.1 Windows Azure Shared Components for Microsoft Visual Studio 2013 - v1.0 Windows Azure Storage Emulator - v3.2 Windows Azure Storage Tools - v2.2.2 Windows Azure Tools for Microsoft Visual Studio 2012 - v2.3 Windows Azure Tools for Microsoft Visual Studio 2012 Core Windows Live Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack WinRAR 5.10 beta 1 (64-bit) ==== Running Processes ====================== C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe C:\Users\Thierry\Desktop\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~3\Package Cache deleted C:\Users\Thierry\Searches deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 7963 MB CPU Info: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz CPU Speed: 2305,7 MHz Sound Card: luidspreker/Hoofdtelefoon (Real | Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | Intel(R) HD Graphics Family Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Ralink RT3290 802.11bgn Wi-Fi Adapter | Realtek PCIe FE Family Controller CD / DVD Drives: 1x (E: | ) E: hp DVDRAM GU70N Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 675,3GB | D: 22,1GB Hard Disks - Free: C: 615,6GB | D: 2,0GB Manufacturer *: Insyde BIOS Info: AT/AT COMPATIBLE | | HPQOEM - 1 Time Zone: Romance (standaardtijd) Motherboard *: Hewlett-Packard 2163 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Avira Desktop On-access scanning disabled (Outdated) Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Spyware: Avira Desktop disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Google Chrome 35.0.1916.153 Internet Explorer Version: 11.0.9600.17207 Google Chrome version: 35.0.1916.153 Adobe Reader version: 11.0.07.79 Flash Player version: 14.0.0.145 Shockwave Player version: 12.0.2r122 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\Users\Thierry\AppData\Local\Temp ==== 2014-07-11 16:34:54 C9293A7DA4406C748B27B4C14D5A0253 43008 ----a-w- C:\Users\Thierry\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp1mumpg.dll 2014-07-09 04:13:49 8D9A7175E5EF1CE994F92546A6D835F8 49744 ----a-w- C:\Users\Thierry\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2014-07-10 03:53:59 8A9CB0FE11800DBBDBA8FE4F54828892 779264 ----a-w- C:\WINDOWS\SysWOW64\osk.exe 2014-07-10 03:53:53 9EE0C96C5D9840DF3517C9B7D19ED590 318976 ----a-w- C:\WINDOWS\SysWOW64\certcli.dll 2014-07-10 03:53:53 7DB59908D49605F2CD0CFB0CF9940E86 735232 ----a-w- C:\WINDOWS\SysWOW64\adtschema.dll 2014-07-10 03:53:14 4F7DA26AC4BD319080B6FCB4F87936CE 225280 ----a-w- C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-07-10 03:53:12 DFA59840BB1220AFD261FDAE83543959 17276416 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2014-07-10 03:53:04 98C7B1AFA0A99EE3BE99EAABEFB72CA0 4254720 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll 2014-07-10 03:53:03 FC733FD7721200D5136F6F8112E97B00 11742208 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2014-07-10 03:53:00 7C44C697BA6D0B698B91AC6516A731C3 1139200 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 2014-07-10 03:52:58 CCC198257901BEEA2FBF8EB1E7678356 1791488 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll 2014-07-10 03:52:58 573E522A27210701EB8A6C476D36FFF6 239616 ----a-w- C:\WINDOWS\SysWOW64\dxtrans.dll 2014-07-10 03:52:57 E739AEDCA67F214F96C2520BA293B12B 526336 ----a-w- C:\WINDOWS\SysWOW64\msfeeds.dll 2014-07-10 03:52:57 9385D7C5DF2566D01B1FB150F381D50B 367616 ----a-w- C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-07-10 03:52:57 67EA1BB7F6428A10C64D5A732976F871 69632 ----a-w- C:\WINDOWS\SysWOW64\mshtmled.dll 2014-07-10 03:52:57 084FB28A790685F32A6D7D003777696D 2179072 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll 2014-07-10 03:52:56 4B774E842F268D51DB942EF9637828B9 1964544 ----a-w- C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-07-10 03:52:56 175A663547805367C10746FC416D4605 704512 ----a-w- C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-07-10 03:52:47 0A9EB3956BCB7E5CDE15AF987BD81543 488960 ----a-w- C:\WINDOWS\SysWOW64\qedit.dll 2014-07-10 03:52:34 819E423A2914A67CD23D53997F7B4E8D 756224 ----a-w- C:\WINDOWS\SysWOW64\WSShared.dll 2014-07-10 03:52:33 CF7953FFEFED26AC657067CD2C259BCD 11792384 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll 2014-07-10 03:52:32 9E9182A652F5287DA05B3893A2E19FEC 80896 ----a-w- C:\WINDOWS\SysWOW64\wudriver.dll 2014-07-10 03:52:32 77B0DF38B67C00EFB5B131D279FC12ED 666624 ----a-w- C:\WINDOWS\SysWOW64\wuapi.dll 2014-07-10 03:52:32 4B7FA0A3D7B9D316BC6B2A409701E47D 828928 ----a-w- C:\WINDOWS\SysWOW64\twinui.appcore.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2014-07-10 19:55:28 3D748E5558FD9A9F03182CB2330698DC 1018880 ----a-w- C:\WINDOWS\Sysnative\termsrv.dll 2014-07-10 03:54:01 83E3C080E9B0E0677DBCDF9D7F434166 4190720 ----a-w- C:\WINDOWS\Sysnative\win32k.sys 2014-07-10 03:54:00 15750011454B89F4950D7E7E4A947EC1 834048 ----a-w- C:\WINDOWS\Sysnative\osk.exe 2014-07-10 03:53:54 C3028569F244470F3D54026884E16E06 1417216 ----a-w- C:\WINDOWS\Sysnative\lsasrv.dll 2014-07-10 03:53:53 423D68307E57654A000AA484B009DD16 735232 ----a-w- C:\WINDOWS\Sysnative\adtschema.dll 2014-07-10 03:53:53 3B78D6DC57654CDD96E073724A2228AE 436224 ----a-w- C:\WINDOWS\Sysnative\certcli.dll 2014-07-10 03:53:14 3310F7A257F0EAABDD41E10E1F3FCCFE 250880 ----a-w- C:\WINDOWS\Sysnative\iedkcs32.dll 2014-07-10 03:53:13 FEC19C351EF1B2C998A85D1BFD765675 23464448 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2014-07-10 03:53:07 4EC7738394D2BC7BCB5F7A3657F57252 5721088 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll 2014-07-10 03:53:06 366FA6D38406DC8BED62825C196144D1 13527040 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2014-07-10 03:53:01 73C7D1FCF6F58F3BF077FB42B0214BC0 1393664 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2014-07-10 03:52:59 A21C6231459F4CAC212676A9367A1A68 2768384 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll 2014-07-10 03:52:59 415DF2B045167D6D85223CFFF00FCFC7 292864 ----a-w- C:\WINDOWS\Sysnative\dxtrans.dll 2014-07-10 03:52:59 2EE102DF0EDD8A1EDD3D1E9B99A91BEC 2266112 ----a-w- C:\WINDOWS\Sysnative\wininet.dll 2014-07-10 03:52:58 2E40D5E11BCC597352EE0314AF629A0F 452608 ----a-w- C:\WINDOWS\Sysnative\dxtmsft.dll 2014-07-10 03:52:57 D8E6706AECD7AA50764E126CE3F36555 631808 ----a-w- C:\WINDOWS\Sysnative\msfeeds.dll 2014-07-10 03:52:57 1FD6C2F6AC489C271565730F6E9E1A05 85504 ----a-w- C:\WINDOWS\Sysnative\mshtmled.dll 2014-07-10 03:52:57 1685AA234852657C4A6D253CCBBE84E0 2040832 ----a-w- C:\WINDOWS\Sysnative\inetcpl.cpl 2014-07-10 03:52:56 CA67F68CEC788C0C69AD47C5125DDD8E 608768 ----a-w- C:\WINDOWS\Sysnative\ie4uinit.exe 2014-07-10 03:52:56 BDD4A74421B023C81DA63168BD10C01B 846336 ----a-w- C:\WINDOWS\Sysnative\ieapfltr.dll 2014-07-10 03:52:47 78FC2B2BA0E5E1C9249E3157D4EE9BC7 586240 ----a-w- C:\WINDOWS\Sysnative\qedit.dll 2014-07-10 03:52:34 C2F515FC027867E5EAF12AC9815B3ABD 923136 ----a-w- C:\WINDOWS\Sysnative\WSShared.dll 2014-07-10 03:52:33 E66AC3CA92FC471BFE69F61549193A64 3463680 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll 2014-07-10 03:52:33 C5FA4562E9ACB7323B3FB333E6C021CF 13287936 ----a-w- C:\WINDOWS\Sysnative\twinui.dll 2014-07-10 03:52:32 CCC6D7250D01DA7E5499B0722CF6CAE3 1054208 ----a-w- C:\WINDOWS\Sysnative\twinui.appcore.dll 2014-07-10 03:52:32 9FA466A42109F408AC6C2848E851C38A 555736 ----a-w- C:\WINDOWS\Sysnative\twinapi.appcore.dll 2014-07-10 03:52:32 53BEF9A65EA686018B9EDF9665F5EBDE 827392 ----a-w- C:\WINDOWS\Sysnative\wuapi.dll 2014-07-10 03:52:32 4A12C727502A07C4B89B663B942DF289 54776 ----a-w- C:\WINDOWS\Sysnative\wuauclt.exe 2014-07-10 03:52:32 2C28079658CCA1E8C3810E185CCC2234 93696 ----a-w- C:\WINDOWS\Sysnative\wudriver.dll 2014-07-10 03:45:56 FD3638782572A8281BCF12520F6579F4 79872 ----a-w- C:\WINDOWS\Sysnative\WSReset.exe ====== C:\WINDOWS\Sysnative\drivers ===== 2014-07-10 03:53:57 374E27295F0A9DCAA8FC96370F9BEEA5 563200 ----a-w- C:\WINDOWS\Sysnative\drivers\afd.sys 2014-07-10 03:53:53 1CD3A907D64D08F49208DA00B69BF35E 565576 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys 2014-07-09 04:12:52 8902AEC2382A37E9E99A4E0D52DBD42B 130584 ----a-w- C:\WINDOWS\Sysnative\drivers\avipbb.sys 2014-07-09 04:12:52 4663C5AD76FE8E19592DE808156FA07D 117712 ----a-w- C:\WINDOWS\Sysnative\drivers\avgntflt.sys 2014-07-09 04:12:52 390184FAD8FCC1B6DA25AEBAE928C3B6 28600 ----a-w- C:\WINDOWS\Sysnative\drivers\avkmgr.sys ====== C:\WINDOWS\Tasks ====== 2014-07-10 03:48:31 988C517B7178F66A00DEAE155593D42A 3178 ----a-w- C:\WINDOWS\Sysnative\Tasks\HPCeeScheduleForThierry 2014-07-10 03:48:31 1ED2167F48E3705598C6A94880E04211 360 ----a-w- C:\WINDOWS\Tasks\HPCeeScheduleForThierry.job ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2014-06-17 07:44:25 -------- d--h--w- C:\Program Files\CanonBJ 2014-06-14 08:42:23 -------- d-----w- C:\Program Files\VS2010Schemas 2014-06-14 08:39:36 -------- d-----w- C:\Program Files\Microsoft SDKs ======= C:\PROGRA~2 ===== 2014-07-09 04:07:42 -------- d-----w- C:\PROGRA~2\Avira 2014-06-19 12:16:04 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype 2014-06-19 12:16:03 -------- d-----r- C:\PROGRA~2\Skype 2014-06-17 07:36:55 -------- d-----w- C:\PROGRA~2\Canon 2014-06-16 12:59:58 -------- d-----w- C:\PROGRA~2\Packard Bell External HDD 2014-06-14 08:39:27 -------- d-----w- C:\PROGRA~2\Windows Azure Tools 2014-06-14 07:13:22 -------- d-----w- C:\PROGRA~2\Windows Kits 2014-06-14 07:00:09 -------- d-----w- C:\PROGRA~2\Microsoft Visual Studio 12.0 ======= C: ===== 2014-06-14 04:52:58 3F5521AB1BD6AE6B7C61D3AAE9ABFD88 928 ----a-w- C:\DelFix.txt ====== C:\Users\Thierry\AppData\Roaming ====== 2014-07-09 16:41:15 -------- d-----w- C:\Users\Default\AppData\Local\Google 2014-07-09 16:41:15 -------- d-----w- C:\Users\Default User\AppData\Local\Google 2014-07-09 04:18:52 -------- d-----w- C:\Users\Thierry\AppData\Roaming\Avira 2014-07-09 04:13:58 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\Avira 2014-06-19 12:16:26 -------- d-----w- C:\Users\Thierry\AppData\Local\Skype 2014-06-19 12:16:09 -------- d-----w- C:\Users\Thierry\AppData\Roaming\Skype 2014-06-17 07:45:44 -------- d-----w- C:\Users\Thierry\AppData\Roaming\Canon 2014-06-16 13:00:50 -------- d-----w- C:\Users\Thierry\AppData\Local\Packard Bell 2014-06-16 12:31:10 -------- d-----w- C:\Users\Thierry\AppData\Roaming\DropboxMaster 2014-06-16 12:30:56 -------- d-----w- C:\Users\Thierry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-06-16 12:29:36 -------- d-----w- C:\Users\Thierry\AppData\Roaming\Dropbox 2014-06-14 08:38:28 -------- d-----w- C:\Users\Thierry\AppData\Local\WAStorageEmulator ====== C:\Users\Thierry ====== 2014-07-09 04:07:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-07-09 04:07:41 -------- d-----w- C:\ProgramData\Avira 2014-06-19 12:16:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-06-19 12:15:51 -------- d-----w- C:\ProgramData\Skype 2014-06-17 07:43:35 -------- d--h--w- C:\ProgramData\CanonIJETV 2014-06-17 07:37:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2014-06-17 07:36:58 -------- d-----w- C:\ProgramData\CanonIJWSpt 2014-06-16 13:00:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell External HDD 2014-06-16 12:32:45 -------- d-----r- C:\Users\Thierry\Dropbox 2014-06-16 12:26:23 -------- d-----r- C:\Users\Thierry\Google Drive 2014-06-16 12:24:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2014-06-14 08:39:40 -------- d-----w- C:\ProgramData\dftmp 2014-06-14 08:39:02 773F34CE011E051DF33C1B8E4C52BBDF 3211264 ----a-w- C:\Users\Thierry\WAStorageEmulatorDb32.mdf 2014-06-14 08:38:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Azure 2014-06-14 07:00:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013 ====== C: exe-files == 2014-07-12 06:50:59 FC95544BFACAC7051764F8B8478DDF0A 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1049643930-549260389-1984244956-1001\$I2D38ZF.exe 2014-07-12 06:14:40 331F49F8FE14FA2F0DC9FE88BB3A5A93 217768 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\msoxmled.exe 2014-07-12 06:14:32 F4BA3654E74C8783C7A5C56340DC3225 1076440 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\olicenseheartbeat.exe 2014-07-12 06:14:31 DC4901C5AD905C2C8444C16BE94D3142 474344 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\dwtrig20.exe 2014-07-12 06:14:31 D34E8AC7A629929BCE61C424931894F2 5520088 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\cmigrate.exe 2014-07-12 06:14:31 6C1F77880396D362D7688FFDC094CB26 207016 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\msoxmled.exe 2014-07-12 06:14:31 40C7B067561CF0A333849E498EC21E7F 842448 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\dw20.exe 2014-07-12 06:14:31 340EBEC84B187DC1F88EDBB02781B247 550584 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\msosqm.exe 2014-07-12 06:14:31 07172AE32812C00603887C0D54DEADA0 79600 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe 2014-07-12 06:14:27 A4E96540BAF2596592D172F6592101BB 7487192 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\cmigrate.exe 2014-07-12 06:14:26 AD70512F80F9DF842F9A9711F3C985F1 1923232 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\winword.exe 2014-07-12 06:14:26 4E4F2190AB716AA2FBF0B221B21ED28C 528072 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\vpreview.exe 2014-07-12 06:14:24 F8D3AA972C86F5F1DA095E4EA9A74D86 480984 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\selfcert.exe 2014-07-12 06:14:24 2DB17A0C55260676BE38C9DE1E8004B3 873648 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\protocolhandler.exe 2014-07-12 06:14:24 1A85EEDAB6D5F89864FE1A9F5F11457F 1846960 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\powerpnt.exe 2014-07-12 06:14:23 C4C43F38C601756CAE155479F4BDF70B 18938024 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\outlook.exe 2014-07-12 06:14:23 0B039686D3DD66A2B0260F8503C4AAA2 9597104 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\pdfreflow.exe 2014-07-12 06:14:22 88354CCEE11A1621B5C7951BFF999474 195248 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe 2014-07-12 06:14:20 160E1088E61BF287858BB7D6C9D03566 569592 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\orgchart.exe 2014-07-12 06:14:17 858C33F5A9307970C1DA8E89F73CAD4D 1754792 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\onenote.exe 2014-07-12 06:14:11 BA508353F5B1CC0A7C861770EE61E13D 497856 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msouc.exe 2014-07-12 06:14:11 A1B4AA9C0CB138F8006C8ABF826926BD 10751656 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\mspub.exe 2014-07-11 20:59:23 21D4192AC16FE58C7C3FBF7E9C6E1AEA 4522176 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\graph.exe 2014-07-11 20:59:22 629E073BBF520EBC262A2E1800D60DB7 517360 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\iecontentservice.exe 2014-07-11 20:59:21 D53A185F15854E0B3A7F2BF5BE904AA5 15518376 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msaccess.exe 2014-07-11 20:59:21 51DB6A1ED36A0EA43125DDE1EBD34AD9 449216 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msosync.exe 2014-07-11 20:59:20 9F7CDD5496EA3CC2F6FF780597E28DC9 21930144 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\excelcnv.exe 2014-07-11 20:59:20 85DE4756AD2AE17EE8C1023C9F5BFC86 986792 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\firstrun.exe 2014-07-11 20:59:19 82F642D8418CEC1D14318ECC80626EC8 25710240 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\excel.exe 2014-07-11 20:59:13 9C055A5A8C4C8E828609EFAD4CB71067 228544 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\clview.exe 2014-07-11 20:59:04 E4708F218D909BADA665FC5A93682074 589008 ----a-w- C:\Program Files\Microsoft Office 15\root\Integration\integrator.exe 2014-07-10 16:32:26 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1049643930-549260389-1984244956-1001\$R2D38ZF.exe 2014-07-10 03:52:48 6946919260BB72A21C69037C6BA2CDB5 2095616 ----a-w- C:\Program Files\Windows Journal\Journal.exe 2014-07-09 04:13:01 8DEE08F59851CC0802A14FC6C3E491FD 491600 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe 2014-07-09 04:12:56 5D5943910E4A2545F13089610E713996 1054288 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe 2014-07-09 04:12:56 4502AC81669E8B35653815606E69F4A1 392272 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\updrgui.exe 2014-07-09 04:12:56 433B293D2F121310CC2D124A87DC1843 67152 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\toastnotifier.exe 2014-07-09 04:12:55 E6D8165A8457823538C0A08B2936A4A6 447056 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe 2014-07-09 04:12:55 71FF376D7483374E3C8907A7A6B2FCAB 482384 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\licmgr.exe 2014-07-09 04:12:55 4C14746BCBF9985BDBF1CD1BEED96DF8 430160 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 2014-07-09 04:12:55 251BF5D259B75B6E291B0CA6D497DAA1 1870928 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe 2014-07-09 04:12:55 1D28958CD5EFF2CC4A1EE046B7037332 486480 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\inssda64.exe 2014-07-09 04:12:55 140D7FF21B9F8EDF580A5B99ACAB116C 416336 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\setuppending.exe 2014-07-09 04:12:54 FD3FD69225A261EA685999168C8114CB 878672 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\fact.exe 2014-07-09 04:12:54 40386BC96A963F0F40928B4E2A200786 399440 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\checkt.exe 2014-07-09 04:12:54 190602B46E570F731FD33BBE6D5B433A 656976 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\guardgui.exe 2014-07-09 04:12:53 E7E31C3651AAF6C6996F48A4BBAC68E0 622672 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe 2014-07-09 04:12:53 D8D796E27D3EAAB079F90372F7C80EC2 494672 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebloader.exe 2014-07-09 04:12:53 8900BF6C4D6B02F8E4CBE9A276D15B50 1028688 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe 2014-07-09 04:12:53 8777CD17E524EDAF32A42930B4C5A5B9 545360 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avrestart.exe 2014-07-09 04:12:53 766252EC1A3E4AAA6C9AC4EAD152D3AA 407632 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avupgsvc.exe 2014-07-09 04:12:53 6B87DBF7C8A17D6D297A4DE9CD9AE6F7 463440 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\ccuac.exe 2014-07-09 04:12:53 4888521CC073279950204635385E0E19 1042512 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe 2014-07-09 04:12:53 2A2BC67284FC54EAD31390CD130A0D5C 1203808 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avwsc.exe 2014-07-09 04:12:53 1BF085C13A8F62E056E6201AFCF5E675 1030224 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe 2014-07-09 04:12:52 F1F9E1CE076954D57772A0DE1C8E9FA1 855632 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avconfig.exe 2014-07-09 04:12:52 76BBAFE390FAA4F071D4987A3C9E9DDB 415312 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avadmin.exe 2014-07-09 04:12:52 6C1B71D162F409E9ECF013EE444D7880 683600 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe 2014-07-09 04:12:52 5D02F61B1D2D700E09DB45C7BC0B73CA 702032 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe 2014-07-09 04:12:52 4C14746BCBF9985BDBF1CD1BEED96DF8 430160 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 2014-07-09 04:12:52 1E9B225DE829A6F666A0BA9B8A7984BF 750160 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 2014-07-07 11:53:12 E18DA87960DB27144D31D2E944BD55A2 189520 ----a-w- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe 2014-07-07 11:53:10 CD60BA2B102F114D6AF53BE17EEDCD4B 141392 ----a-w- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe 2014-07-07 11:53:02 A90E79883A321BB2C857E18BADA64D72 76880 ----a-w- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Messenger.exe === C: other files == 2014-07-10 03:54:01 83E3C080E9B0E0677DBCDF9D7F434166 4190720 ----a-w- C:\Windows\System32\win32k.sys 2014-07-10 03:53:57 374E27295F0A9DCAA8FC96370F9BEEA5 563200 ----a-w- C:\Windows\System32\drivers\afd.sys 2014-07-10 03:53:53 1CD3A907D64D08F49208DA00B69BF35E 565576 ----a-w- C:\Windows\System32\drivers\cng.sys 2014-07-09 04:12:56 43552F707825F03E84C0FA217DBA3868 42088 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\sweb.zip 2014-07-09 04:12:52 8902AEC2382A37E9E99A4E0D52DBD42B 130584 ----a-w- C:\Windows\System32\drivers\avipbb.sys 2014-07-09 04:12:52 8902AEC2382A37E9E99A4E0D52DBD42B 130584 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avipbb.sys 2014-07-09 04:12:52 868B8276DAFE0F275AD93F704EABC139 42040 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avnetflt.sys 2014-07-09 04:12:52 4663C5AD76FE8E19592DE808156FA07D 117712 ----a-w- C:\Windows\System32\drivers\avgntflt.sys 2014-07-09 04:12:52 4663C5AD76FE8E19592DE808156FA07D 117712 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avgntflt.sys 2014-07-09 04:12:52 390184FAD8FCC1B6DA25AEBAE928C3B6 28600 ----a-w- C:\Windows\System32\drivers\avkmgr.sys 2014-07-09 04:12:52 390184FAD8FCC1B6DA25AEBAE928C3B6 28600 ----a-w- C:\Program Files (x86)\Avira\AntiVir Desktop\avkmgr.sys ==== Startup Registry Enabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BtTray"="C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe" "YouCam Service"="C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe /s" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "AccelerometerSysTrayApplet"="C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe" "HPMessageService"="C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe" "Avira Systray"="C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe" "avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" "Persistence"="C:\WINDOWS\system32\igfxpers.exe" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update" ==== Startup Folders ====================== 2014-06-03 17:36:25 1136 ----a-w- C:\Users\Thierry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [08/07/2014 20:54] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18/03/2014 21:19] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18/03/2014 21:19] C:\WINDOWS\tasks\HPCeeScheduleForThierry.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [13/09/2010 22:15] C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job --a-------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [28/03/2014 21:22] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\CLMLSvc_P2G8" [C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe] "C:\WINDOWS\SysNative\tasks\CLVDLauncher" [C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\HPCeeScheduleForThierry" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{274C796D-747B-4FC6-B185-93EC930A948D}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon" [C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[11/04/2014 19:46] Google Docs - Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf OneDrive - Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk Google Wallet - Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Chloe - Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pillplnpmfjckedkedpaoembffbpklnf Gmail - Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1553-29906-12136-18/4" ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe" O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - Startup: Verzenden naar OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: @oem39.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing) O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Thierry\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Thierry\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=146 folders=199 475106896 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Thierry\AppData\Local\Temp will be emptied at reboot C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Thierry\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on zo 13/07/2014 at 15:55:36,66 ======================