
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by cindy on vr 24/07/2015 at 17:04:57,43.
Microsoft Windows 8.1 6.3.9600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\cindy\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

24/07/2015 17:07:59 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Program Files\stinger deleted successfully
C:\PROGRA~3\Canon IJ Network Tool deleted successfully
C:\PROGRA~3\PCSettings deleted successfully
C:\Users\cindy\AppData\Roaming\Systweak deleted successfully
C:\Users\cindy\AppData\Local\CrashDumps deleted successfully
C:\Users\cindy\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\cindy\AppData\Local\EmieSiteList deleted successfully
C:\Users\cindy\AppData\Local\EmieUserList deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2827186333-10210919-3947153205-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] 
""=- 

==== Deleting Files \ Folders ======================

C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 deleted
C:\ProgramData\AVG Web TuneUp deleted
C:\Program Files\AVG Web TuneUp deleted
C:\windows\SysNative\Tasks\HP Photo Creations Communicator deleted
C:\Users\cindy\AppData\Local\AVG Web TuneUp deleted
C:\PROGRA~2\COMMON~1\AVG Secure Search deleted
C:\PROGRA~3\Avg_Update_0215tb deleted
C:\PROGRA~3\Avg_Update_0914avt deleted
C:\PROGRA~3\AVG Security Toolbar deleted
C:\PROGRA~3\AVG Secure Search deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\WINDOWS\SysNative\roboot64.exe deleted
C:\Users\Public\sdelevURL.tmp deleted
C:\Users\cindy\AppData\LocalLow\AVG Web TuneUp deleted
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted
C:\Users\Public\Desktop\YouTube Song Downloader.lnk deleted
C:\Users\cindy\AppData\Roaming\Mozilla\Firefox\Profiles\LfqrwW6b.default\extensions\abs@avira.com deleted
"C:\windows\Installer\29fdb.msi" deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
====== C:\Users\cindy\AppData\Local\Temp ====
2015-07-22 19:54:30	642D17E4095DD1D0C26E88F03A9BD120	35512	----a-w-	C:\Users\cindy\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2015-07-22 19:26:27	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-da50331c-1043-44fa-b4bb-1268389c950f\Uninstaller.exe
2015-07-22 19:26:24	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-cbeac1bb-4ffd-4649-b0e5-ca3a4e7bf445\Uninstaller.exe
2015-07-22 19:26:22	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-719ab167-2f35-4650-b3b7-0bcc9ac69651\Uninstaller.exe
2015-07-22 19:26:20	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-9957c68c-7c50-4e74-b183-69ed69ca5b22\Uninstaller.exe
2015-07-22 19:26:18	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-bdea3841-4202-43f1-9204-a88b73b5283c\Uninstaller.exe
2015-07-22 19:26:15	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-6573870b-b55c-4897-a1a8-764f884f6ad0\Uninstaller.exe
2015-07-22 19:26:13	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-97b31ced-f719-4f95-842b-dab000304ddb\Uninstaller.exe
2015-07-22 19:26:11	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-2c1f65c4-b907-4798-ba7c-feb1226705b5\Uninstaller.exe
2015-07-22 19:26:09	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-80b28d1a-7c75-446f-b6b9-a77439a48ba0\Uninstaller.exe
2015-07-22 19:26:07	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-f95594d3-7318-41ec-a749-4323421db2e3\Uninstaller.exe
2015-07-22 19:26:05	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-35b6c1b5-2389-4c7c-8be4-cd85d511918b\Uninstaller.exe
2015-07-22 19:26:03	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-a82601cd-4809-4a11-aa24-d3b61d747ecb\Uninstaller.exe
2015-07-22 19:26:00	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-257b48b9-1e13-433f-ab21-3d7e0eb1bf1f\Uninstaller.exe
2015-07-22 19:25:54	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-7b4b95fd-ea57-4658-9fd4-a08c7217ba13\Uninstaller.exe
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
====== C:\WINDOWS\Sysnative\drivers =====
2015-07-22 19:53:15	A900ED612B02CB3A2A8028866ED62E72	137288	----a-w-	C:\WINDOWS\Sysnative\drivers\avgntflt.sys
2015-07-22 19:53:15	83586138F23A4C284EB68AFC852D7AFA	43576	----a-w-	C:\WINDOWS\Sysnative\drivers\avnetflt.sys
2015-07-22 19:53:15	45061BD6F11B80BF1C07A9253A659BF1	148632	----a-w-	C:\WINDOWS\Sysnative\drivers\avipbb.sys
2015-07-22 19:53:15	390184FAD8FCC1B6DA25AEBAE928C3B6	28600	----a-w-	C:\WINDOWS\Sysnative\drivers\avkmgr.sys
2015-06-27 12:30:51	8E98D21EE06192492A5671A6144D092F	33240	----a-w-	C:\WINDOWS\Sysnative\drivers\GEARAspiWDM.sys
====== C:\WINDOWS\Tasks ======
2015-06-27 12:27:29	--------	d-----w-	C:\WINDOWS\Sysnative\Tasks\Apple
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2015-07-23 19:31:14	--------	d-----w-	C:\Program Files\trend micro
2015-07-01 07:09:13	--------	d-----w-	C:\Program Files\Common Files\AV
2015-06-27 12:29:40	--------	d-----w-	C:\Program Files\iPod
2015-06-27 12:29:38	--------	d-----w-	C:\Program Files\iTunes
2015-06-27 12:26:42	--------	d-----w-	C:\Program Files\Bonjour
2015-06-27 12:26:08	--------	d-----w-	C:\Program Files\Common Files\Apple
======= C:\PROGRA~2 =====
2015-07-22 19:47:53	--------	d-----w-	C:\PROGRA~2\Avira
2015-06-27 12:29:40	--------	d-----w-	C:\PROGRA~2\iTunes
2015-06-27 12:27:22	--------	d-----w-	C:\PROGRA~2\Apple Software Update
2015-06-27 12:26:42	--------	d-----w-	C:\PROGRA~2\Bonjour
2015-06-27 12:25:34	--------	d-----w-	C:\PROGRA~2\COMMON~1\Apple
======= C: =====
====== C:\Users\cindy\AppData\Roaming ======
2015-07-22 19:54:39	--------	d-----w-	C:\Users\cindy\AppData\Roaming\Mozilla
2015-07-22 19:54:30	--------	d-----w-	C:\Users\cindy\AppData\Roaming\Avira
2015-07-22 19:54:27	--------	d-----w-	C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\Avira
2015-07-01 07:07:11	--------	d-----w-	C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Avg
2015-06-27 12:31:09	--------	d-----w-	C:\Users\cindy\AppData\Local\Apple Computer
2015-06-27 12:31:08	--------	d-----w-	C:\Users\cindy\AppData\Roaming\Apple Computer
2015-06-27 12:27:28	--------	d-----w-	C:\Users\cindy\AppData\Local\Apple
2015-06-27 12:27:17	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\Apple Computer
====== C:\Users\cindy ======
2015-07-23 19:30:40	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\cindy\Desktop\RSITx64.exe
2015-07-22 19:47:56	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-22 19:47:53	--------	d-----w-	C:\ProgramData\Avira
2015-06-27 12:31:00	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-06-27 12:29:38	--------	d-----w-	C:\ProgramData\Apple Computer
2015-06-27 12:25:34	--------	d-----w-	C:\ProgramData\Apple

====== C: exe-files ==
2015-07-24 14:58:30	C5F22368CAB23D33FE8B052CFB4D3BF5	399896	----a-w-	C:\ProgramData\Avira\Antivirus\TEMP\SELFUPDATE\updrgui.exe
2015-07-24 14:58:30	BD4FECF35F2041E16C72788F77DAC81F	1149224	----a-w-	C:\ProgramData\Avira\Antivirus\TEMP\SELFUPDATE\update.exe
2015-07-23 19:31:15	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\cindy.exe
2015-07-23 19:30:40	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\cindy\Desktop\RSITx64.exe
2015-07-23 19:29:27	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\cindy\AppData\Local\Microsoft\Windows\INetCache\IE\LL4QPWNL\RSITx64.exe
2015-07-22 19:53:17	735AFDE3E7DCB93D404FFF2B721C23E9	482296	----a-w-	C:\Program Files (x86)\Avira\Antivirus\wsctool.exe
2015-07-22 19:53:17	44AAA7A2E7194603559DAB6F96CA6DD6	577784	----a-w-	C:\Program Files (x86)\Avira\Antivirus\administrativerightsprovider.exe
2015-07-22 19:53:16	DDE8FB60E7837F5CA5B1927559C2456F	494656	----a-w-	C:\Program Files (x86)\Avira\Antivirus\inssda64.exe
2015-07-22 19:53:16	D66AA4437E3EA551E34770A97AA869D6	2147312	----a-w-	C:\Program Files (x86)\Avira\Antivirus\setup.exe
2015-07-22 19:53:16	C5F22368CAB23D33FE8B052CFB4D3BF5	399896	----a-w-	C:\Program Files (x86)\Avira\Antivirus\updrgui.exe
2015-07-22 19:53:16	BD4FECF35F2041E16C72788F77DAC81F	1149224	----a-w-	C:\Program Files (x86)\Avira\Antivirus\update.exe
2015-07-22 19:53:16	9CC97CDF22229ED1D7BD0209B7FC3694	72856	----a-w-	C:\Program Files (x86)\Avira\Antivirus\toastnotifier.exe
2015-07-22 19:53:16	913148BACCBBA1AA5CFA5FC0A1AF39EA	475080	----a-w-	C:\Program Files (x86)\Avira\Antivirus\ipmgui.exe
2015-07-22 19:53:16	85488C95FAE93732C4675A642AA77423	467840	----a-w-	C:\Program Files (x86)\Avira\Antivirus\rscdwld.exe
2015-07-22 19:53:16	58FB167B287CAA05F7DD5AA1018FD52C	461672	----a-w-	C:\Program Files (x86)\Avira\Antivirus\sched.exe
2015-07-22 19:53:16	51029ACBF9A9155254CAEFC2DA476809	588368	----a-w-	C:\Program Files (x86)\Avira\Antivirus\licmgr.exe
2015-07-22 19:53:16	34E916B7CEC71AC34238FD6DF5D7E07C	709920	----a-w-	C:\Program Files (x86)\Avira\Antivirus\guardgui.exe
2015-07-22 19:53:16	217E1AC454DE1DD26D92900491589022	457040	----a-w-	C:\Program Files (x86)\Avira\Antivirus\setuppending.exe
2015-07-22 19:53:15	F857D22CEC14854D310C5596C8CE6006	1213072	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
2015-07-22 19:53:15	D84DAF58A56F5BCE7CAEB8E46DB844D6	555944	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avmcdlg.exe
2015-07-22 19:53:15	D307CD013B55796972237B6637C72B1A	791296	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avcenter.exe
2015-07-22 19:53:15	C2C250888ADB92A2F62BFC773A0550FC	887128	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avmailc.exe
2015-07-22 19:53:15	A6C7109DC622D7C8E69744F8457D8A2F	733616	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avnotify.exe
2015-07-22 19:53:15	A118B0109271D8943EB7F060FD30F662	407112	----a-w-	C:\Program Files (x86)\Avira\Antivirus\checkt.exe
2015-07-22 19:53:15	9FE1AC875A7AD7B7FF28FEC8B754968D	887128	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
2015-07-22 19:53:15	7DC013D87E61A4F11825D5EA407F5413	930328	----a-w-	C:\Program Files (x86)\Avira\Antivirus\fact.exe
2015-07-22 19:53:15	7B1578913538386780DCDD7EAB6F6D2B	4718584	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avira_en____fm.exe
2015-07-22 19:53:15	6A7E786720260AAACEB9986426DBB267	896344	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avconfig.exe
2015-07-22 19:53:15	5CF080840A87D4FA779EA9DD80788FCE	632152	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
2015-07-22 19:53:15	58FB167B287CAA05F7DD5AA1018FD52C	461672	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avguard.exe
2015-07-22 19:53:15	52033DFBC2ED92DF72EB61F8443C9554	503408	----a-w-	C:\Program Files (x86)\Avira\Antivirus\ccuac.exe
2015-07-22 19:53:15	4D16E7D13B09B4832EBECC24F4E6A50D	1171384	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avscan.exe
2015-07-22 19:53:15	4B0D5053F8413D3A12CA97939A37DD4B	415352	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avupgsvc.exe
2015-07-22 19:53:15	4A00D4B4906E6E0AB997259B099BBBBB	426664	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avadmin.exe
2015-07-22 19:53:15	32CB59D64ED1CD4CD2ACB1569C222501	818600	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avwsc.exe
2015-07-22 19:53:15	28DEF0EFB36D172EAA5A08EB09CF75DF	782008	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
2015-07-22 19:53:15	26EFFECBF1E7AC821B60DDD26141467D	1212048	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avwebgrd.exe
2015-07-22 19:53:15	1733AFC858DFD52013C516A133088214	573424	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avrestart.exe
2015-07-22 19:47:40	E47FD75B926FCCF57CFC3038FFA76D1A	4721376	----a-w-	C:\Users\cindy\AppData\Local\Microsoft\Windows\INetCache\IE\G8258FQR\avira_en_av_55aff3275c1cb__ws.exe
2015-07-22 19:26:27	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-da50331c-1043-44fa-b4bb-1268389c950f\Uninstaller.exe
2015-07-22 19:26:24	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-cbeac1bb-4ffd-4649-b0e5-ca3a4e7bf445\Uninstaller.exe
2015-07-22 19:26:22	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-719ab167-2f35-4650-b3b7-0bcc9ac69651\Uninstaller.exe
2015-07-22 19:26:20	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-9957c68c-7c50-4e74-b183-69ed69ca5b22\Uninstaller.exe
2015-07-22 19:26:18	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-bdea3841-4202-43f1-9204-a88b73b5283c\Uninstaller.exe
2015-07-22 19:26:15	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-6573870b-b55c-4897-a1a8-764f884f6ad0\Uninstaller.exe
2015-07-22 19:26:13	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-97b31ced-f719-4f95-842b-dab000304ddb\Uninstaller.exe
2015-07-22 19:26:11	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-2c1f65c4-b907-4798-ba7c-feb1226705b5\Uninstaller.exe
2015-07-22 19:26:09	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-80b28d1a-7c75-446f-b6b9-a77439a48ba0\Uninstaller.exe
2015-07-22 19:26:07	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-f95594d3-7318-41ec-a749-4323421db2e3\Uninstaller.exe
2015-07-22 19:26:05	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-35b6c1b5-2389-4c7c-8be4-cd85d511918b\Uninstaller.exe
2015-07-22 19:26:03	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-a82601cd-4809-4a11-aa24-d3b61d747ecb\Uninstaller.exe
2015-07-22 19:26:00	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-257b48b9-1e13-433f-ab21-3d7e0eb1bf1f\Uninstaller.exe
2015-07-22 19:25:54	3616AB4898E6880F3D1DD128A3FE858C	352496	----a-w-	C:\Users\cindy\AppData\Local\Temp\uninstaller-WTA-7b4b95fd-ea57-4658-9fd4-a08c7217ba13\Uninstaller.exe
2015-07-22 18:59:18	D7E523E6F4C911EDFF6A8325ACAEE56C	88392	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe
2015-07-22 18:59:18	93EE27EEA252951660682E891B72D7F5	88392	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateWebPlugin.exe
2015-07-22 18:59:18	81A1D591D429FF81D443A993B9B91301	88392	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateBroker.exe
2015-07-22 18:58:55	C42B77A66A4B794A56DFCD2FBEA5AD01	931408	----a-w-	C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateSetup.exe
2015-07-22 18:58:26	FC8EE235C4F75C96907C25EF1349CB81	130888	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateComRegisterShell64.exe
2015-07-22 18:58:26	92D840650F95EB60659952AEECAFCE85	305992	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
2015-07-22 18:58:19	C6FF00DA1605982E616C03BE809FFE2D	144200	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdate.exe
2015-07-22 18:58:19	54FB3B0B29F76E839C648D2F5983A22C	245576	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
2015-07-22 18:58:16	C42B77A66A4B794A56DFCD2FBEA5AD01	931408	----a-w-	C:\Program Files (x86)\Google\Update\Install\{D9A2CA36-89F8-4A69-B087-A95DCA62D30D}\GoogleUpdateSetup.exe
2015-07-22 18:58:16	C42B77A66A4B794A56DFCD2FBEA5AD01	931408	----a-w-	C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.28.1\GoogleUpdateSetup.exe
=== C: other files ==
2015-07-22 19:53:16	C40F65DDC0AF910BEF2E219C510268F9	7752	----a-w-	C:\Program Files (x86)\Avira\Antivirus\sweb.zip
2015-07-22 19:53:15	A900ED612B02CB3A2A8028866ED62E72	137288	----a-w-	C:\Windows\System32\drivers\avgntflt.sys
2015-07-22 19:53:15	A900ED612B02CB3A2A8028866ED62E72	137288	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avgntflt.sys
2015-07-22 19:53:15	83586138F23A4C284EB68AFC852D7AFA	43576	----a-w-	C:\Windows\System32\drivers\avnetflt.sys
2015-07-22 19:53:15	83586138F23A4C284EB68AFC852D7AFA	43576	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avnetflt.sys
2015-07-22 19:53:15	45061BD6F11B80BF1C07A9253A659BF1	148632	----a-w-	C:\Windows\System32\drivers\avipbb.sys
2015-07-22 19:53:15	45061BD6F11B80BF1C07A9253A659BF1	148632	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avipbb.sys
2015-07-22 19:53:15	390184FAD8FCC1B6DA25AEBAE928C3B6	28600	----a-w-	C:\Windows\System32\drivers\avkmgr.sys
2015-07-22 19:53:15	390184FAD8FCC1B6DA25AEBAE928C3B6	28600	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avkmgr.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2827186333-10210919-3947153205-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="C:\Users\cindy\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"
"Avira Systray"="C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe"
"avgnt"="C:\Program Files (x86)\Avira\Antivirus\avgnt.exe /min"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="C:\Users\cindy\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"
"Persistence"="C:\WINDOWS\system32\igfxpers.exe"

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-2827186333-10210919-3947153205-1001Core.job --a-------- C:\Users\cindy\AppData\Local\Facebook\Update\FacebookUpdate.exe [04/12/2014 23:29]
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-2827186333-10210919-3947153205-1001UA.job --a-------- C:\Users\cindy\AppData\Local\Facebook\Update\FacebookUpdate.exe [04/12/2014 23:29]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [27/03/2013 23:36]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- [Undetermined Task]
C:\WINDOWS\tasks\HP Photo Creations Communicator.job --a-------- C:\ProgramData\HP Photo Creations\Communicator.exe [24/05/2014 18:32]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\ALU" [C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe]
"C:\WINDOWS\SysNative\tasks\ALUAgent" [C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2827186333-10210919-3947153205-1001Core" [C:\Users\cindy\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\WINDOWS\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2827186333-10210919-3947153205-1001UA" [C:\Users\cindy\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\HPCustParticipation HP Deskjet 1510 series" ["C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe"]
"C:\WINDOWS\SysNative\tasks\Power Management" ["C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{5AE4AF73-F0CE-4762-B051-FD5B892F62CB}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\WINDOWS\SysNative\tasks\Norton AntiVirus\Norton Error Analyzer" [C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\SymErr.exe]
"C:\WINDOWS\SysNative\tasks\Norton AntiVirus\Norton Error Processor" [C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\SymErr.exe]
"C:\WINDOWS\SysNative\tasks\Norton Identity Safe\Norton Error Analyzer" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe]
"C:\WINDOWS\SysNative\tasks\Norton Identity Safe\Norton Error Processor" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe]

==== Firefox Extensions ======================

==== Firefox Plugins ======================


==== Chromium Look ======================

Google Chrome Version: 43.0.2357.132

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
flliilndjeohchalpbbcdekjklbdgfkk - No path found[]

Google Docs - cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
AVG Web TuneUp - cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
Google Search - cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Zwinky - cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehjkfdmkpocpileolmldepapdjbfegei
Norton Home Page for Chrome - cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe
The Fault in Our Stars - cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfjcjdaehcfknhjbmhjmjmdemfeilmlc
Norton Identity Safe - cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif
Astrology - cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kinaipmdbjhapbamplbbajkoembeocpc
FromDocToPDF - cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk
Norton Security Toolbar - cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
MyWebFace - cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj
Norton Safe Search as default for Chrome - cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl
Google Wallet - cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\cindy\AppData\Local\Google\Chrome\User Data\Default\Preferences
33195639770C","startup_urls":"13B2B86BB6A87DAA1727099D0FE27CE9AB1FFC9E2E78CAF9A4907BD06BDE3210"},"software_reporter":{"prompt_reason":"AC9FE3402CE27C85F20CEF34C1259D031BDF69CB2730534C37BC2094F4F2580F","prompt_seed":"3E39DE12DFAE05B5190C870B33DD05C18069AAFEF900D7B3DB60036B85D93FC3","prompt_version":"DFB69D91CC9080DDA89CC6F9C8F491FB04A0D9E82A785967E20DF940239096AB"},"sync":{"remaining_rollback_tries":"841098C30ECE0BF85EDA98563610C30997555AD5A79FA058BEDF5325A0F80A05"}},"super_mac":"37A1FC10617B1EAB1473FF6925AE96AD1D09214856F3CE1672EEA85F42047726"},"session":{"restore_on_startup":4,"startup_urls":["https://www.google.be/"]},"sync":{"remaining_rollback_tries":0}}


==== Chromium Fix ======================

C:\Users\cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn deleted successfully
C:\Users\cindy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage deleted successfully
C:\Users\cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehjkfdmkpocpileolmldepapdjbfegei deleted successfully
C:\Users\cindy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ehjkfdmkpocpileolmldepapdjbfegei_0.localstorage deleted successfully
C:\Users\cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kinaipmdbjhapbamplbbajkoembeocpc deleted successfully
C:\Users\cindy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kinaipmdbjhapbamplbbajkoembeocpc_0.localstorage deleted successfully
C:\Users\cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk deleted successfully
C:\Users\cindy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mallpejgeafdahhflmliiahjdpgbegpk_0.localstorage deleted successfully
C:\Users\cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\njienacjggibaeolcbbjfnigbojkcggj deleted successfully
C:\Users\cindy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_njienacjggibaeolcbbjfnigbojkcggj_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=sp-006&q={searchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=sp-006&q={searchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=sp-006&q={searchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{078876AA-1546-4DD6-AAF5-9A4878E0B24E} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} Google  Url="https://www.google.com/search?trackid=sp-006&q={searchTerms}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\203E62EEA6789D84098513925E9B9999 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE26E302-876A-48D9-9058-3129E5B99999} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\203E62EEA6789D84098513925E9B9999 deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\cindy\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\cindy\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\cindy\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\cindy\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\cindy\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2432 folders=484 1294435824 bytes)

==== Empty Temp Folders ======================

C:\Users\cindy\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\cindy\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on vr 24/07/2015 at 18:43:10,31 ======================