Zoek.exe v5.0.0.0 Updated 21-February-2015 Tool run by BUREAU on zo 22/02/2015 at 8:26:36,07. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\BUREAU\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 22/02/2015 8:29:24 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Uninstall Information deleted C:\PROGRA~3\Package Cache deleted C:\Windows\SysNative\config\systemprofile\Searches deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\BUREAU\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-02-15 16:30:18 4FD3763F3917201856B0CBCE310003EA 4300800 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2015-02-15 16:30:18 01BD2653F2185218837CF4A175617F8A 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2015-02-13 06:24:34 B63A6FF4339C9B701A93D3973C7FB6D2 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2015-02-13 06:24:34 7C893DBA0A58855A99DA68B751FD223B 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll 2015-02-13 06:24:33 7D94A9161E8432B8521E60E064B1D737 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2015-02-13 06:24:32 F3F6BE20A03215209B61CA85B4A83E1F 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2015-02-13 06:24:32 A12D64A94EC57079C2D96A741CB4FF53 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2015-02-13 06:24:32 3BB446DE24501FEA5FDB9A9DB23A22AE 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2015-02-13 06:24:31 C256EFD3655EC782F8094E96094E8F9E 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2015-02-13 06:23:31 E1A4D24281526DDFEA418F729CDA9DC6 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2015-02-13 06:23:31 B0F7BD3492C2D60A70F15AEADCE1E2A6 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2015-02-13 06:23:30 D87759889FE7BCAE4461439139E62BAA 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2015-02-13 06:23:30 3B9EF1B8E154D202D32A7765E2F33554 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2015-02-13 06:23:29 94B1F7CE1AAA5542923E0AD63C4D0050 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-02-13 06:23:29 8FBC9680719ACDA9351B67D906C682F4 688640 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2015-02-13 06:23:29 8E8137569741D3693F88DDF94CC38C20 1307136 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2015-02-13 06:23:29 74EA6C792F57E453261DA210C1BCEB53 342712 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2015-02-13 06:23:29 6FA05244FD2E40A3DC08337146B3C425 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2015-02-13 06:23:29 61C74D794C14E9FC94D93F5F0F72A3F9 19740160 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2015-02-13 06:23:28 47B26D89EF9973E2DD586D0C827F61A9 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2015-02-13 06:23:27 FD6AF61AF029B9BC2CF4EFF57CDD5821 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2015-02-13 06:23:27 AD3F5926EC2C1F21FB45D1CDED6E2A47 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2015-02-13 06:23:27 9A91F9B5035F54C2D0BA92CF9B16EE34 2277888 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2015-02-13 06:23:27 5FB7E9786F70F4072663746072C9E6CE 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2015-02-13 06:23:27 55A84600EAAF8F1D3F0E6206E2EF6D48 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2015-02-13 06:23:27 28B2D3CB1B4306D476200D80AF7D87AD 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2015-02-13 06:23:26 EF05E63ACC834470A07A2E73D519B5FA 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2015-02-13 06:23:26 994E7459260D315573DD72783D1B78A7 478208 ----a-w- C:\Windows\SysWOW64\ieui.dll 2015-02-13 06:23:26 78A1A938D51D4F83A772123B93EE1612 12829184 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2015-02-13 06:23:24 F285D499EC42969D963CA49EADA63218 1888256 ----a-w- C:\Windows\SysWOW64\wininet.dll 2015-02-13 06:23:24 9DEE691C8FDBC2DE6957F1AE873C78FC 503296 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2015-02-13 06:23:24 180168942E4A133C55E7BBF17DA3C142 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2015-02-13 06:23:23 6F10743069DFFC56DEE079204960844E 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll 2015-02-13 06:22:55 793F6658ED65839FDB2957A4884CB63C 1230336 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll 2015-02-13 06:22:28 F312300F29620F74E3AF3AF018151935 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2015-02-13 06:22:28 F2A743912D404A8866362836CFE7A648 686080 ----a-w- C:\Windows\SysWOW64\adtschema.dll 2015-02-13 06:22:28 F29BC66CE4A5507A49FB20744A056E61 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2015-02-13 06:22:28 4E6934926B4C923CC0FF61C6D77814EF 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2015-02-13 06:22:28 43791D2F736C4E9BE9FE0B33A1E92A5D 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll 2015-02-13 06:22:28 36F152AE2F64B12771A44EA77124332B 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll 2015-02-13 06:21:29 E365C7B3EBB96451D3C9DF6B6B6900C2 179200 ----a-w- C:\Windows\SysWOW64\wintrust.dll 2015-02-13 06:21:29 623E143F2DF17C0106A9988F5D7DC878 143872 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll 2015-02-13 06:21:29 0C96A745A76C7DD75C5503E86D968E49 1174528 ----a-w- C:\Windows\SysWOW64\crypt32.dll 2015-02-13 06:21:13 A208DAC2932649CFF82A6A684D8BB1F6 571904 ----a-w- C:\Windows\SysWOW64\oleaut32.dll 2015-02-13 06:20:50 F5142E9A99F44F9CC19A8AF31761F7F9 3221504 ----a-w- C:\Windows\SysWOW64\mstscax.dll 2015-02-13 06:20:49 B3AC14EA18DD0EE517703A86963AED18 131584 ----a-w- C:\Windows\SysWOW64\aaclient.dll 2015-02-13 06:19:26 B3BC38B886CA53C92D52EF724A9F0D45 308224 ----a-w- C:\Windows\SysWOW64\scesrv.dll 2015-02-13 06:19:04 62C93E47A424A8EC79F3CF1719A2DCC6 3972544 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2015-02-13 06:19:00 6D227897A458DA8A9518DACDC88F1947 3917760 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2015-02-13 06:18:57 97B7E7E3356F7F7FE5B948AB3ED707DD 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-02-15 16:30:18 D363FBB2D0223956FF61ADBDBF5499B1 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2015-02-15 16:30:18 16ACAA0C01F31B39F39446188F6A3593 6041600 ----a-w- C:\Windows\Sysnative\jscript9.dll 2015-02-13 06:25:29 47709F1B718859ED8AB5EA3EA3974BEB 609280 ----a-w- C:\Windows\Sysnative\generaltel.dll 2015-02-13 06:25:28 64EAD6C9D342E7E0CFCA3559FCBFDDAC 894976 ----a-w- C:\Windows\Sysnative\appraiser.dll 2015-02-13 06:25:28 5C09611AB8D508CC252BB2D5A069D1AC 1098752 ----a-w- C:\Windows\Sysnative\aeinv.dll 2015-02-13 06:25:28 5632EB9633EACCC323CEA2C03A0B4133 762368 ----a-w- C:\Windows\Sysnative\invagent.dll 2015-02-13 06:25:27 B5746809407BDEB18D9D4769CD9FF24E 414720 ----a-w- C:\Windows\Sysnative\devinv.dll 2015-02-13 06:25:26 7150E809474BBD4D4AD24B13FA2454E5 1239720 ----a-w- C:\Windows\Sysnative\aitstatic.exe 2015-02-13 06:25:25 EF4FA1D31D146EA0C04D16E75FCA6BCF 192000 ----a-w- C:\Windows\Sysnative\aepic.dll 2015-02-13 06:25:25 7F2F9AACF457CE48CDDBD643FC53487C 227328 ----a-w- C:\Windows\Sysnative\aepdu.dll 2015-02-13 06:24:35 DDACB408E607655EC64269706BFD504C 341504 ----a-w- C:\Windows\Sysnative\schannel.dll 2015-02-13 06:24:33 C1F9E139B8AE80803CE44DC0377CA342 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll 2015-02-13 06:24:33 A46A6C5AD462071B718EBF3C9E117849 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2015-02-13 06:24:33 6A06BCED1DF1CFE8A32E7D10ABAA7188 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2015-02-13 06:24:33 5350A548BEC957978B7014CDFF091542 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll 2015-02-13 06:24:32 8F33880F1863BE3925D3A0121FAC5E8F 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2015-02-13 06:24:31 22E30E28865C32C3CF4F4E0E7E277FDC 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2015-02-13 06:23:31 01A314677CC80041A63ED109B56A76B0 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2015-02-13 06:23:30 71EBA93C5322A52A7E177E03E1AE7161 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2015-02-13 06:23:30 68A2B96528F58D995882FBEB4D9658A5 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2015-02-13 06:23:29 F42B1DAAB5B7621341243878180446CD 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2015-02-13 06:23:29 92BD5080B81EDFA32B0CEE8B923D62C3 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2015-02-13 06:23:29 8076BB31004C1D763D5D4AEF9F0BDD4B 718848 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2015-02-13 06:23:27 CB2528D522FF1F5A7BF9B27D2FB250FF 1548288 ----a-w- C:\Windows\Sysnative\urlmon.dll 2015-02-13 06:23:27 2E4F8664B54426C2F5523665B279E984 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2015-02-13 06:23:27 1D824B5A200C284E1A546C2C50704471 389808 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2015-02-13 06:23:26 DF39C79DFC1C063493D2DB9B3237B29F 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2015-02-13 06:23:26 97F037E09A706ACDA681D740DEE16AE4 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2015-02-13 06:23:26 76DB5845E168173BBA2D3CCC4B363E42 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2015-02-13 06:23:25 7A388AFC6885D22F4D988EE9B8D1291A 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2015-02-13 06:23:25 512DD29CE6CDCB22EA615286DA7022E7 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2015-02-13 06:23:25 15842FB41A3BF2A2F5071518B38C957A 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2015-02-13 06:23:24 A7A3775B0014B165D75A00A1F632E4B5 2885632 ----a-w- C:\Windows\Sysnative\iertutil.dll 2015-02-13 06:23:23 D7922F3AC6BF1EA77240E0061D648174 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2015-02-13 06:23:23 CA3F410410DE9E5234217D33B9628224 633856 ----a-w- C:\Windows\Sysnative\ieui.dll 2015-02-13 06:23:23 A7814E76ED4ACE0694A83F6E4B6A7272 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2015-02-13 06:23:23 6916B0663357B183B120D1A4DD7DDAB0 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2015-02-13 06:23:22 E0F76B5B904E4F448641B2B506496351 14401024 ----a-w- C:\Windows\Sysnative\ieframe.dll 2015-02-13 06:23:22 A04F0C4A0B80C92F92E854E7157D6466 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2015-02-13 06:23:22 4CE68D160D80AF6C9FDB5C60BA087DA5 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2015-02-13 06:23:19 BF57C911895454A8874E9DFA5716C624 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll 2015-02-13 06:23:18 9DFE41A69DF70AAB75CB5BA8C1109EA2 2358272 ----a-w- C:\Windows\Sysnative\wininet.dll 2015-02-13 06:23:18 47162151E35EA0B7152B7C841FA21FDB 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2015-02-13 06:23:18 4701399F7BA312353ADE8225F6EB512B 199680 ----a-w- C:\Windows\Sysnative\msrating.dll 2015-02-13 06:23:17 CD726C899BD9A398E8420564A957320B 25056256 ----a-w- C:\Windows\Sysnative\mshtml.dll 2015-02-13 06:22:55 4861B9AF67E1B0154A55FDE4B3A61EB9 1424384 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll 2015-02-13 06:22:29 C97662B6752BFEF07C565D96E8ECC98F 1461760 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2015-02-13 06:22:28 E0105F3B5B1C4B0F5B3D788A13504EC6 31232 ----a-w- C:\Windows\Sysnative\lsass.exe 2015-02-13 06:22:28 BE4927689BA39E18A104986CB1363C97 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll 2015-02-13 06:22:28 94C6BCF9212E20866AC1558A32E9F228 28160 ----a-w- C:\Windows\Sysnative\secur32.dll 2015-02-13 06:22:28 857CED230A6B87E84FCA04B472A3CB1A 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll 2015-02-13 06:22:28 6EAD88B508E4785F4AFDFD24F76E8839 686080 ----a-w- C:\Windows\Sysnative\adtschema.dll 2015-02-13 06:22:28 51BB93FF96AE3882B4AF7CA11000D3A3 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe 2015-02-13 06:22:28 2EE57F4491A402C04FCAA7D012493884 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll 2015-02-13 06:22:28 1798826FE9FFEA9E93E74A5868559D4A 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll 2015-02-13 06:21:29 E5AF792AB409F600D416CB257C84305D 1480192 ----a-w- C:\Windows\Sysnative\crypt32.dll 2015-02-13 06:21:29 7FC292D1527EDFEBA2576B6789DE6AB5 229376 ----a-w- C:\Windows\Sysnative\wintrust.dll 2015-02-13 06:21:29 19D511CC455C19DE1ADF60E6C39C85B6 187904 ----a-w- C:\Windows\Sysnative\cryptsvc.dll 2015-02-13 06:21:13 AE4FEDD98096C09A8A86E021FC5E9D67 861696 ----a-w- C:\Windows\Sysnative\oleaut32.dll 2015-02-13 06:20:53 2A25F5ACA9DCAF9AE9570DED13A8E078 3722752 ----a-w- C:\Windows\Sysnative\mstscax.dll 2015-02-13 06:19:27 FE72C89986E1BA32AD926A820491F23F 406528 ----a-w- C:\Windows\Sysnative\scesrv.dll 2015-02-13 06:19:09 9819614CA9EFB5A96493B379170B9D89 5554112 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2015-02-13 06:18:57 F7A3018D8F1825427BC11E912D5287CD 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe 2015-02-13 06:18:57 D6CDCAF84810641D1D2B455750825ACA 50176 ----a-w- C:\Windows\Sysnative\srclient.dll 2015-02-13 06:18:57 0147AA370862201A443752351F135D31 503808 ----a-w- C:\Windows\Sysnative\srcore.dll 2015-02-13 06:17:17 DF07110F77639E73D0537188703F44F6 3201536 ----a-w- C:\Windows\Sysnative\win32k.sys ====== C:\Windows\Sysnative\drivers ===== 2015-02-13 06:22:29 E45CDE1C8340DFEDF1D6724263F39E5B 458824 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2015-02-13 06:22:28 C60C6B9A2E50B0404F6789C62B428C03 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2015-02-13 06:22:28 78D152A9FD5747FF6AA89C79F0346F62 155072 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-02-21 12:09:30 -------- d-----w- C:\Program Files\trend micro 2015-02-20 19:22:11 -------- d-----w- C:\Program Files\Common Files\Macrovision Shared ======= C:\PROGRA~2 ===== 2015-02-21 07:34:12 -------- d-----w- C:\PROGRA~2\TeklaStructuresLearning 2015-02-20 19:22:09 -------- d-----w- C:\PROGRA~2\COMMON~1\Macrovision Shared ======= C: ===== ====== C:\Users\BUREAU\AppData\Roaming ====== 2015-02-21 07:56:36 -------- d-----w- C:\Users\BUREAU\AppData\Local\Tekla Structures 2015-02-21 07:49:40 -------- d-----w- C:\Users\BUREAU\AppData\Local\Tekla 2015-02-20 19:43:52 -------- d-----w- C:\Users\BUREAU\AppData\Roaming\uTorrent 2015-02-20 19:03:16 -------- d-----w- C:\Users\BUREAU\AppData\Local\Downloaded Installations 2015-02-03 22:36:25 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google ====== C:\Users\BUREAU ====== 2015-02-21 12:29:08 50C7D287EE8CAE9F89CEECE2C008DEED 61253280 ----a-w- C:\Users\BUREAU\Desktop\EIE11_NL-NL_MCM_WIN764.EXE 2015-02-21 12:08:23 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\BUREAU\Desktop\RSITx64.exe 2015-02-21 07:37:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tekla Structures Learning 2015-02-21 07:34:12 -------- d-----w- C:\ProgramData\Tekla Structures Learning 2015-02-20 19:15:15 -------- d-----w- C:\Users\Public\Documents\Tekla 2015-02-20 19:05:37 F3CAD3BAC66E23D18E0AB7B7D9276746 482234856 ----a-w- C:\Users\BUREAU\Downloads\TeklaStructures201x64Software (1).exe 2015-02-20 19:00:08 79D4A1A228736FCA64738BECD09102CD 16385768 ----a-w- C:\Users\BUREAU\Downloads\Env_Netherlands_enu_inst_200_1.exe ====== C: exe-files == 2015-02-21 12:29:08 50C7D287EE8CAE9F89CEECE2C008DEED 61253280 ----a-w- C:\Users\BUREAU\Desktop\EIE11_NL-NL_MCM_WIN764.EXE 2015-02-21 12:09:36 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\BUREAU.exe 2015-02-21 12:08:23 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\BUREAU\Desktop\RSITx64.exe 2015-02-21 07:44:34 86F6F12919D36AF432E9F90B4C65C27A 529818808 ------w- C:\Program Files (x86)\InstallShield Installation Information\{C6D0A74B-98A6-428D-8BA6-E723CAEEB8C7}\TeklaStructuresLearning.exe 2015-02-21 07:32:33 9FBF689AD7F2441145CA6B1963001404 57451128 ----a-w- C:\Users\BUREAU\AppData\Local\Downloaded Installations\{5DA0D6DD-8F21-4F3D-8912-3F0DB334238B}\Env_Default_inst_Learning.exe 2015-02-21 07:32:04 EA37BA9148DFB61B10CC8C2C32EC5985 471378176 ----a-w- C:\Users\BUREAU\AppData\Local\Downloaded Installations\{DBEC3422-7BE8-4B1A-8AF7-797A2E587084}\TeklaStructuresLearning201.exe 2015-02-20 19:46:04 2D7C5669058EF750FADB83B36D7A55A8 1738576 ----a-w- C:\Users\BUREAU\AppData\Roaming\uTorrent\updates\3.4.2_38758.exe 2015-02-20 19:45:38 2D7C5669058EF750FADB83B36D7A55A8 1738576 ----a-w- C:\Users\BUREAU\AppData\Roaming\uTorrent\uTorrent.exe 2015-02-20 19:22:11 06211EAA698A06F5582E04AD6951356E 1369904 ----a-w- C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe 2015-02-20 19:22:09 AEA2D3781D83DD2A7B7E239A9664C544 1104688 ----a-w- C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe 2015-02-20 19:00:08 79D4A1A228736FCA64738BECD09102CD 16385768 ----a-w- C:\Users\BUREAU\Downloads\Env_Netherlands_enu_inst_200_1.exe 2015-02-20 18:38:00 F4CC03D0A936AD6780ADA614AE81B413 840272 ----a-w- C:\Program Files (x86)\Google\Update\Install\{AC141383-6B99-492C-97A4-FB0362081685}\40.0.2214.115_40.0.2214.111_chrome_updater.exe 2015-02-20 18:38:00 F4CC03D0A936AD6780ADA614AE81B413 840272 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\40.0.2214.115\40.0.2214.115_40.0.2214.111_chrome_updater.exe === C: other files == 2015-02-20 19:43:53 F2F18BC5529FFD6B9B22B18972E10202 68 ----a-w- C:\Users\BUREAU\AppData\Local\Temp\HYD6D4E.tmp.1424461433\HTA\install.1424461433.zip 2015-02-20 19:43:40 F2F18BC5529FFD6B9B22B18972E10202 68 ----a-w- C:\Users\BUREAU\AppData\Local\Temp\HYD3B36.tmp.1424461420\HTA\install.1424461420.zip 2015-02-20 19:15:18 CB4485F7988797A4971F216FC4FAA097 3645739 ----a-w- C:\Users\Public\Documents\Tekla\Tekla Warehouse\local_site.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-179576916-2934787108-4262834344-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-179576916-2934787108-4262834344-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-179576916-2934787108-4262834344-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce] [HKEY_USERS\S-1-5-21-179576916-2934787108-4262834344-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HDAudDeck] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HDAudDeck" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\VIA\\VIAudioi\\VDeck\\VDeck.exe -r" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HotKeysCmds" "hkey"="HKLM" "command"="C:\\Windows\\system32\\hkcmd.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IgfxTray" "hkey"="HKLM" "command"="C:\\Windows\\system32\\igfxtray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IndexTray.exe] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IndexTray.exe" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Sharp\\Sharpdesk\\IndexTray.exe\" /n" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NUSB3MON] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NUSB3MON" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\NEC Electronics\\USB 3.0 Host Controller Driver\\Application\\nusb3mon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Persistence" "hkey"="HKLM" "command"="C:\\Windows\\system32\\igfxpers.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SharpTray.exe] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SharpTray.exe" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Sharp\\Sharpdesk\\SharpTray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SynTPEnh] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SynTPEnh" "hkey"="HKLM" "command"="%ProgramFiles%\\Synaptics\\SynTP\\SynTPEnh.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Hotkey.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Hotkey.lnk" "backup"="C:\\Windows\\pss\\Hotkey.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\Hotkey\\Hotkey.exe " "item"="Hotkey" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Sharp Button Manager G.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Sharp Button Manager G.lnk" "backup"="C:\\Windows\\pss\\Sharp Button Manager G.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\SHARP\\BUTTON~1\\btnman.exe " "item"="Sharp Button Manager G" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30/11/2014 16:30] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe"] "C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\SymErr.exe] "C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\SymErr.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [] ==== Chromium Look ====================== Google Chrome Version: 40.0.2214.115 (Up to date, latest Stable version: 40.0.2214.115) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions iikflkcanblccfahdhdonehdalibjnif - No path found[] mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx[20/09/2014 09:52] Google Slides - BUREAU\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - BUREAU\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - BUREAU\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - BUREAU\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - BUREAU\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - BUREAU\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Wallet - BUREAU\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - BUREAU\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{4AD43CA1-DDA6-4F29-AC12-A539D0169C94}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found" {4AD43CA1-DDA6-4F29-AC12-A539D0169C94} Google Url="https://www.google.com/search?q={searchTerms}" ==== Reset Google Chrome ====================== C:\Users\BUREAU\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\BUREAU\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-179576916-2934787108-4262834344-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\BUREAU\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\BUREAU\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\BUREAU\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=15 folders=17 14040019 bytes) ==== Empty Temp Folders ====================== C:\Users\BUREAU\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\BUREAU\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on zo 22/02/2015 at 9:37:29,72 ======================