Zoek.exe v5.0.0.0 Updated 02-June-2014 Tool run by Thierry on wo 11/06/2014 at 8:58:48,10. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Thierry\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Running Processes ====================== C:\WINDOWS\system32\wininit.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k RPCSS C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted C:\WINDOWS\system32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted C:\WINDOWS\system32\Hpservice.exe C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\System32\spoolsv.exe C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE C:\WINDOWS\system32\svchost.exe -k apphost C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe C:\WINDOWS\system32\dashost.exe c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe C:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\WUDFHost.exe C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\DllHost.exe C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\WINDOWS\system32\taskhost.exe C:\WINDOWS\System32\WinLogon.exe C:\WINDOWS\System32\dwm.exe C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\WINDOWS\system32\taskhostex.exe C:\WINDOWS\Explorer.EXE C:\Windows\System32\skydrive.exe C:\Users\Thierry\AppData\Local\Pokki\Engine\pokki.exe C:\Users\Thierry\AppData\Local\Pokki\Engine\pokki.exe C:\Windows\System32\igfxtray.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe C:\Users\Thierry\AppData\Local\Pokki\Engine\pokki.exe C:\Windows\System32\SettingSyncHost.exe C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\taskeng.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe C:\Windows\System32\RuntimeBroker.exe C:\Windows\System32\WWAHost.exe svchost.exe C:\WINDOWS\syswow64\wwahost.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\svchost.exe -k WerSvcGroup C:\Users\Thierry\Desktop\zoek.exe C:\WINDOWS\system32\conhost.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\WINDOWS\system32\SearchFilterHost.exe ==== System Restore Info ====================== 11/06/2014 9:01:01 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Malwarebytes Anti-Malware deleted successfully C:\PROGRA~2\VideoLAN deleted successfully C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully C:\Users\Thierry\AppData\Local\HP Quick Start deleted successfully C:\Users\Thierry\AppData\Local\PackageStaging deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1049643930-549260389-1984244956-1001\Software\Microsoft\Internet Explorer\SearchScopes\{3186E5E1-77B2-4C12-ADA5-8B592570846E} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully HKEY_CLASSES_ROOT\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-1049643930-549260389-1984244956-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully ==== Installed Programs ====================== Tools for .Net 3.5 Adobe Flash Player 13 Plugin Adobe Reader XI (11.0.07) - Nederlands Adobe Shockwave Player 12.0 AtuZi Blend for Visual Studio Add-in for Adobe FXG Import Blend for Visual Studio SDK for .NET 4.5 Blend for Visual Studio SDK for Silverlight 5 CCleaner CyberLink LabelPrint CyberLink Media Suite 10 Cyberlink PhotoDirector CyberLink Power2Go 8 CyberLink PowerDirector 10 CyberLink PowerDVD 12 CyberLink YouCam D3DX10 DisableMSDefender Energy Star Entity Framework Designer for Visual Studio 2012 - enu Fotogalerie Galerie de photos Gmail for Pokki Google Chrome Google Update Helper Hewlett-Packard ACLM.NET v1.2.2.3 HP 3D DriveGuard HP Connected Music (Meridian - installer) HP Connected Music (Meridian - player) HP CoolSense HP Customer Experience Enhancements HP Documentation HP Postscript Converter HP Quick Start HP Recovery Manager HP Registration Service HP Support Assistant HP System Event Utility HP Utility Center HP Wireless Button Driver IIS 8.0 Express IIS Express Application Compatibility Database for x64 IIS Express Application Compatibility Database for x86 Intel(R) Management Engine Components Intel(R) Processor Graphics Intel(R) Rapid Storage Technology Intel(R) SDK for OpenCL - CPU Only Runtime Package Intel© Trusted Connect Service Client Kaspersky PURE 3.0 Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft .NET Framework 4.5 Multi-Targeting Pack Microsoft .NET Framework 4.5 SDK Microsoft Application Error Reporting Microsoft ASP.NET and Web Tools 2012.3 - Visual Studio Express 2012 for Web Microsoft ASP.NET MVC 3 - Visual Studio Express 2012 for Web Microsoft ASP.NET MVC 3 Microsoft ASP.NET MVC 4 - Visual Studio Express 2012 for Web - ENU Microsoft ASP.NET MVC 4 Runtime Microsoft ASP.NET Web Pages - Visual Studio Express 2012 for Web Microsoft ASP.NET Web Pages Microsoft ASP.NET Web Pages 2 - Visual Studio Express 2012 for Web - ENU Microsoft ASP.NET Web Pages 2 Runtime Microsoft Expression Blend SDK for .NET 4 Microsoft Expression Blend SDK for Silverlight 4 Microsoft Help Viewer 2.0 Microsoft NuGet - Visual Studio Express 2012 for Web Microsoft Office 365 - nl-nl Microsoft OneDrive Microsoft Portable Library Multi-Targeting Pack Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2012 Command Line Utilities Microsoft SQL Server 2012 Data-Tier App Framework Microsoft SQL Server 2012 Express LocalDB Microsoft SQL Server 2012 Management Objects Microsoft SQL Server 2012 Management Objects (x64) Microsoft SQL Server 2012 Native Client Microsoft SQL Server 2012 T-SQL Language Service Microsoft SQL Server 2012 Transact-SQL Compiler Service Microsoft SQL Server 2012 Transact-SQL ScriptDom Microsoft SQL Server Compact 4.0 SP1 x64 ENU Microsoft SQL Server Data Tools - enu (11.1.20627.00) Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) Microsoft SQL Server System CLR Types Microsoft SQL Server System CLR Types (x64) Microsoft System CLR Types for SQL Server 2012 Microsoft System CLR Types for SQL Server 2012 (x64) Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual Studio 2012 Express Prerequisites x64 - ENU Microsoft Visual Studio 2012 Preparation Microsoft Visual Studio 2012 Shell (Minimum) Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies Microsoft Visual Studio 2012 Shell (Minimum) Resources Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU Microsoft Visual Studio Express 2012 for Web - ENU Microsoft Visual Studio Team Foundation Server 2012 Object Model Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources Microsoft Web Deploy 3.5 Microsoft Web Deploy dbSqlPackage Provider - enu Microsoft Web Platform Installer 5.0 Microsoft WebMatrix 3 Movie Maker MSVCRT MSVCRT110 MSVCRT110_amd64 MySQL Connector Net 6.5.4 MySQL Server 5.1 Office 15 Click-to-Run Extensibility Component Office 15 Click-to-Run Licensing Component Office 15 Click-to-Run Localization Component Photo Common Photo Gallery Pokki Download Helper Prerequisites for SSDT Ralink Bluetooth Stack64 Ralink RT3290 802.11bgn Wi-Fi Adapter Realtek Card Reader Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Samsung AllShare swMSM Synaptics Pointing Device Driver Update for (KB2504637) Update for Microsoft Visual Studio 2012 (KB2781514) Visual Studio 2012 Update 4 (KB2707250) Vuze Windows Live Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack WinRAR 5.10 beta 1 (64-bit) ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Pokki"=- ==== Deleting Files \ Folders ====================== C:\PROGRA~3\APN deleted C:\PROGRA~3\Package Cache deleted "C:\Users\Thierry\AppData\Local\Pokki\analytics.db" deleted "C:\Users\Thierry\AppData\Local\Pokki\engine_update.db" deleted "C:\Users\Thierry\AppData\Local\Pokki\notifications.db" deleted "C:\Users\Thierry\AppData\Local\Pokki\ocdeskband_0.dll" deleted "C:\Users\Thierry\AppData\Local\Pokki\Engine\avcodec-54.dll" deleted "C:\Users\Thierry\AppData\Local\Pokki\Engine\avformat-54.dll" deleted "C:\Users\Thierry\AppData\Local\Pokki\Engine\avutil-51.dll" deleted "C:\Users\Thierry\AppData\Local\Pokki\Engine\chrome_100_percent.pak" deleted "C:\Users\Thierry\AppData\Local\Pokki\Engine\D3DCompiler_43.dll" deleted "C:\Users\Thierry\AppData\Local\Pokki\Engine\d3dx9_43.dll" deleted "C:\Users\Thierry\AppData\Local\Pokki\Engine\en-US-2-3.bdic" deleted "C:\Users\Thierry\AppData\Local\Pokki\Engine\en-US.pak" deleted "C:\Users\Thierry\AppData\Local\Pokki\Engine\icudt.dll" deleted "C:\Users\Thierry\AppData\Local\Pokki\Engine\libEGL.dll" deleted "C:\Users\Thierry\AppData\Local\Pokki\Engine\libGLESv2.dll" deleted "C:\Users\Thierry\AppData\Local\Pokki\Engine\libPokki.dll" deleted "C:\Users\Thierry\AppData\Local\Pokki\Engine\pokki.exe" deleted "C:\Users\Thierry\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll" deleted "C:\Users\Thierry\AppData\Local\Pokki\Engine\resources.pak" deleted "C:\Users\Thierry\AppData\Local\Pokki\Pokkies\installed_pokkies.db" not deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\lockfile" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\Cookies" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\Cookies-journal" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\Network Action Predictor" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\Visited Links" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f-websheet\Cookies" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f-websheet\Network Action Predictor" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\Default\Cookies" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\Default\Network Action Predictor" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\Default\Shortcuts" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cookies" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Network Action Predictor" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Visited Links" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cookies" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Network Action Predictor" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications\Cookies" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications\Network Action Predictor" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications\QuotaManager" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications\QuotaManager-journal" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications\Visited Links" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications-websheet\Cookies" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications-websheet\Network Action Predictor" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\Cache\data_0" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\Cache\data_1" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\Cache\data_2" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\Cache\data_3" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\Cache\index" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\Extension State\000035.log" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\Extension State\LOCK" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\Extension State\MANIFEST-000034" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\Media Cache\data_0" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\Media Cache\data_1" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\Media Cache\data_2" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\Media Cache\data_3" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\Media Cache\index" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\Session Storage\000016.sst" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\Session Storage\000052.log" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\Session Storage\LOCK" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\Session Storage\MANIFEST-000050" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\User StyleSheets\Custom.css" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f-websheet\Cache\data_0" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f-websheet\Cache\data_1" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f-websheet\Cache\data_2" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f-websheet\Cache\data_3" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f-websheet\Cache\index" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f-websheet\Extension State\000035.log" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f-websheet\Extension State\LOCK" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f-websheet\Extension State\MANIFEST-000034" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\Default\Cache\data_0" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\Default\Cache\data_1" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\Default\Cache\data_2" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\Default\Cache\data_3" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\Default\Cache\index" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\Default\Extension State\000035.log" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\Default\Extension State\LOCK" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\Default\Extension State\MANIFEST-000034" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cache\data_0" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cache\data_1" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cache\data_2" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cache\data_3" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cache\index" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Extension State\000035.log" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Extension State\LOCK" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Extension State\MANIFEST-000034" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\User StyleSheets\Custom.css" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cache\data_0" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cache\data_1" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cache\data_2" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cache\data_3" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cache\index" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Extension State\000035.log" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Extension State\LOCK" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Extension State\MANIFEST-000034" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications\Cache\data_0" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications\Cache\data_1" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications\Cache\data_2" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications\Cache\data_3" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications\Cache\index" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications\databases\Databases.db" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications\Extension State\000035.log" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications\Extension State\LOCK" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications\Extension State\MANIFEST-000034" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications\User StyleSheets\Custom.css" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications\databases\file__0\1" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications-websheet\Cache\data_0" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications-websheet\Cache\data_1" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications-websheet\Cache\data_2" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications-websheet\Cache\data_3" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications-websheet\Cache\index" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications-websheet\Extension State\000035.log" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications-websheet\Extension State\LOCK" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications-websheet\Extension State\MANIFEST-000034" deleted "C:\Users\Thierry\AppData\Local\Pokki" not deleted "C:\Users\Thierry\AppData\Local\Pokki\Engine" deleted "C:\Users\Thierry\AppData\Local\Pokki\Pokkies" not deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f-websheet" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\Default" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications-websheet" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\Cache" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\Extension State" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\Media Cache" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\Session Storage" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f\User StyleSheets" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f-websheet\Cache" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\46cb28dc316c165b81c8bb852e61aebfafab644f-websheet\Extension State" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\Default\Cache" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\Default\Extension State" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Cache" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\Extension State" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1\User StyleSheets" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Cache" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\f22abfeae27a67446927d078890381efc546d3e1-websheet\Extension State" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications\Cache" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications\databases" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications\Extension State" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications\User StyleSheets" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications\databases\file__0" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications-websheet\Cache" deleted "C:\Users\Thierry\AppData\Local\Pokki\UserData\notifications-websheet\Extension State" deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 7963 MB CPU Info: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz CPU Speed: 2360,4 MHz Sound Card: luidspreker/Hoofdtelefoon (Real | Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | Intel(R) HD Graphics Family Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Ralink RT3290 802.11bgn Wi-Fi Adapter | Realtek PCIe FE Family Controller CD / DVD Drives: 1x (E: | ) E: hp DVDRAM GU70N Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 675,3GB | D: 22,1GB Hard Disks - Free: C: 629,4GB | D: 2,0GB Manufacturer *: Insyde BIOS Info: AT/AT COMPATIBLE | | HPQOEM - 1 Time Zone: Romance (standaardtijd) Motherboard *: Hewlett-Packard 2163 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Kaspersky PURE 3.0 On-access scanning disabled (Outdated) Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Spyware: Kaspersky PURE 3.0 disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Firewall: Kaspersky PURE 3.0 disabled Default Browser: Google Chrome 35.0.1916.114 Internet Explorer Version: 11.0.9600.17107 Google Chrome version: 35.0.1916.114 Adobe Reader version: 11.0.07.79 Flash Player version: 13.0.0.214 Shockwave Player version: 12.0.2r122 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\Users\Thierry\AppData\Local\Temp ==== 2014-06-04 15:31:14 C03AE930BFA8D18B3597FAE1A1704DFE 2818048 ----a-w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\mpam-17a1f2ca.exe 2014-06-04 07:11:28 40395C175553CB14D2050888EFCCDF00 4961800 ----a-w- C:\Users\Thierry\AppData\Local\Temp\vcredist_x64.exe 2014-06-04 07:11:22 45922155C9628E11441AA869C6287BB7 10372136 ----a-w- C:\Users\Thierry\AppData\Local\Temp\BackupSetup.exe ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2014-06-04 09:02:11 0DC5AF80D059DEC792B665ED598C6567 536576 ----a-w- C:\WINDOWS\SysWOW64\sqlite3.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2014-06-04 15:43:26 6FB598E8DE02D879D17B35F144A1B3BC 270496 ------w- C:\WINDOWS\Sysnative\MpSigStub.exe 2014-06-04 15:38:49 48DA65F29BB4C5AD21EC67C2D64700D6 64856 ----a-w- C:\WINDOWS\Sysnative\klfphc.dll ====== C:\WINDOWS\Sysnative\drivers ===== 2014-06-04 15:38:31 AD24A96001837D222B509CD579589DAB 67784 ----a-w- C:\WINDOWS\Sysnative\drivers\CSVirtualDiskDrv.sys 2014-06-04 15:38:31 4199113D7B588AC98575109DE363427E 98504 ----a-w- C:\WINDOWS\Sysnative\drivers\CSCrySec.sys 2014-06-04 15:37:48 F26A21FE88CB263D4CC327C6C5589F48 627264 ----a-w- C:\WINDOWS\Sysnative\drivers\klif.sys 2014-06-04 15:37:48 848E412FCE7485E2657EDF212E5EDC47 92768 ----a-w- C:\WINDOWS\Sysnative\drivers\klflt.sys 2014-05-26 17:29:22 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_User_ZuneDriver_01_09_00.Wdf 2014-05-26 17:29:22 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_Kernel_WinUsb_01009.Wdf 2014-05-14 17:09:42 019CC610AD95FF47EAD7C08B7A683B96 257880 ----a-w- C:\WINDOWS\Sysnative\drivers\WdFilter.sys 2014-05-14 17:09:41 6CC1BB8F6851A262E2E824F0E92D5EEF 123224 ----a-w- C:\WINDOWS\Sysnative\drivers\WdNisDrv.sys 2014-05-14 17:09:40 F5D4FA3E1F4879C361FFF3855259D2C2 35856 ----a-w- C:\WINDOWS\Sysnative\drivers\WdBoot.sys ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2014-06-10 09:23:33 -------- d-----w- C:\Program Files\trend micro 2014-05-17 09:44:19 -------- d-----w- C:\Program Files\Microsoft 2014-05-17 09:28:27 -------- d-----w- C:\Program Files\MySQL 2014-05-17 09:26:18 -------- d-----w- C:\Program Files\runphp ======= C:\PROGRA~2 ===== 2014-06-04 15:37:59 -------- d-----w- C:\PROGRA~2\COMMON~1\InfoWatch 2014-06-04 15:37:56 -------- d-----w- C:\PROGRA~2\Kaspersky Lab 2014-05-17 09:26:35 -------- d-----w- C:\PROGRA~2\MySQL ======= C: ===== ====== C:\Users\Thierry\AppData\Roaming ====== 2014-06-04 15:36:11 -------- d-s---w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Locallow\Microsoft 2014-06-04 08:59:42 -------- d-----w- C:\Users\Thierry\AppData\Local\Programs 2014-05-24 09:31:55 -------- d-----w- C:\Users\Thierry\AppData\Local\Windows Live 2014-05-23 18:46:18 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\Microsoft ====== C:\Users\Thierry ====== 2014-06-10 09:22:57 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Thierry\Downloads\RSITx64.exe 2014-06-04 15:37:56 -------- d-----w- C:\ProgramData\Kaspersky Lab 2014-06-04 09:06:11 9EC73884D7D7BFEC9EED7EAF3122A0BE 1327971 ----a-w- C:\Users\Thierry\Desktop\AdwCleaner.exe 2014-06-02 19:09:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OLYMPUS Camera 2014-05-26 17:49:25 -------- d-----r- C:\Users\Thierry\Podcasts 2014-05-17 09:28:27 -------- d-----w- C:\ProgramData\MySQL 2014-05-17 09:26:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL ====== C: exe-files == 2014-06-10 09:23:40 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Thierry.exe 2014-06-10 09:22:57 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Thierry\Downloads\RSITx64.exe 2014-06-09 17:14:50 95945D5465BFEB8469634E76F06FFCBF 64192 ----a-w- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\patch_f_nm.exe 2014-06-09 17:14:50 87BDE6928835D34BE2AAE0ED0BEEA9B0 2113216 ----a-w- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spnmhost.exe 2014-06-09 17:14:50 55EB89C0ABC7189850321723F57FEEAA 2011328 ----a-w- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spuiamanager.exe 2014-06-06 07:11:51 B44B57FBA103976C1BFEA565BD384014 850944 ----a-w- C:\Users\Thierry\AppData\Local\Packages\134D4F5B.Box_2qk4zy5s3qmee\AC\Microsoft\CLR_v4.0_32\NativeImages\Box\28e4be81fd05250f63e015bc32ae4a00\Box.ni.exe 2014-06-04 16:21:20 C1DEA1E17DCF8CEFF46D3C9573C2B270 16480 ----a-w- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\patch_e.exe 2014-06-04 15:20:03 2839BF9E2B335A27EA13434F4CC12242 213549896 ----a-w- C:\Users\Thierry\AppData\Local\Microsoft\Windows\INetCache\IE\XJCG6YPS\pure13.0.2.558nl-nl.exe 2014-06-04 13:09:04 64220EDD70B32B02DE02B207C11382A1 796496 ----a-w- C:\Users\Thierry\AppData\Local\Microsoft\Windows\INetCache\IE\GRCVS7XC\Pokki_GmailSetup.exe 2014-06-04 09:06:11 9EC73884D7D7BFEC9EED7EAF3122A0BE 1327971 ----a-w- C:\Users\Thierry\Desktop\AdwCleaner.exe 2014-06-04 08:59:35 E90BF9E1562F40140161573B79CD5720 17292760 ----a-w- C:\Users\Thierry\AppData\Local\Microsoft\Windows\INetCache\IE\FSKP27E0\mbam-setup-2.0.2.1012.exe 2014-06-04 08:59:04 9EC73884D7D7BFEC9EED7EAF3122A0BE 1327971 ----a-w- C:\Users\Thierry\AppData\Local\Microsoft\Windows\INetCache\IE\4PFFWKW2\AdwCleaner.exe 2014-06-04 07:11:46 ACCFF193BF83CA1D84FC8CD72D263FB9 237640 ----a-w- C:\Users\Thierry\AppData\Local\Microsoft\Windows\INetCache\IE\GRCVS7XC\spstub[1].exe 2014-06-04 07:11:28 40395C175553CB14D2050888EFCCDF00 4961800 ----a-w- C:\Users\Thierry\AppData\Local\Temp\vcredist_x64.exe 2014-06-04 07:11:22 45922155C9628E11441AA869C6287BB7 10372136 ----a-w- C:\Users\Thierry\AppData\Local\Temp\BackupSetup.exe === C: other files == 2014-06-09 17:14:50 5D1971103016CBD45FD6C07EB8127105 90424 ----a-w- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\kpmautofillnm.crx 2014-06-04 15:38:31 AD24A96001837D222B509CD579589DAB 67784 -c--a-w- C:\Windows\System32\DRVSTORE\CSVirtualD_F7916E11D7681A24B36211064D371658D8254487\win8\amd64\CSVirtualDiskDrv.sys 2014-06-04 15:38:31 AD24A96001837D222B509CD579589DAB 67784 ----a-w- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys 2014-06-04 15:38:31 4199113D7B588AC98575109DE363427E 98504 -c--a-w- C:\Windows\System32\DRVSTORE\CSCrySec_w_F7916E11D7681A24B36211064D371658D8254487\win8\amd64\CSCrySec.sys 2014-06-04 15:38:31 4199113D7B588AC98575109DE363427E 98504 ----a-w- C:\Windows\System32\drivers\CSCrySec.sys 2014-06-04 15:37:48 F26A21FE88CB263D4CC327C6C5589F48 627264 ----a-w- C:\Windows\System32\drivers\klif.sys 2014-06-04 15:37:48 848E412FCE7485E2657EDF212E5EDC47 92768 ----a-w- C:\Windows\System32\drivers\klflt.sys ==== Startup Registry Enabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BtTray"="C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe" "YouCam Service"="C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe /s" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "AccelerometerSysTrayApplet"="C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe" "HPMessageService"="C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe" "AVP"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\runner_avp.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" "Persistence"="C:\WINDOWS\system32\igfxpers.exe" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update" ==== Startup Folders ====================== 2014-06-03 17:36:25 1136 ----a-w- C:\Users\Thierry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [13/05/2014 19:55] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18/03/2014 21:19] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- :C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [] C:\WINDOWS\tasks\HPCeeScheduleForThierry.job --a-------- [Undetermined Task] C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job --a-------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [28/03/2014 21:22] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\CLMLSvc_P2G8" [C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe] "C:\WINDOWS\SysNative\tasks\CLVDLauncher" [C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\HPCeeScheduleForThierry" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{274C796D-747B-4FC6-B185-93EC930A948D}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon" [C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "online_banking@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com" [09/06/2014 19:14] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dchlnpcodkpfdpacogkljefecpegganj - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx[28/11/2013 12:06] hakdifolhalapjijoafobooafbilfakh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx[28/11/2013 12:06] hghkgaeecgjhjkannahfamoehjmkjail - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx[28/11/2013 12:03] jagncdcchgajhfhijbbhecadmaiegcmh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx[28/11/2013 12:03] lpoimibckejjdjcfbdnajaicnklhfplh - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh[] pjldcfjmnllhmgjclecdnfampinooman - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx[28/11/2013 12:06] Google Docs - Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Kaspersky URL Advisor - Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj Safe Money - Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh Content Blocker - Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail Virtual Keyboard - Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh Kaspersky Protection - Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh OneDrive - Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk Google Wallet - Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Chloe - Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pillplnpmfjckedkedpaoembffbpklnf Gmail - Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Anti-Banner - Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman ==== Chrome Fix ====================== C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1553-29906-12136-18/4" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe" O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\runner_avp.exe" O4 - Startup: Verzenden naar OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm O9 - Extra button: Virtueel Toetsenbord - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: Controle van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Kaspersky Anti-Virus-service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: @oem39.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing) O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Thierry\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Thierry\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Thierry\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3990 folders=419 898081246 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Thierry\AppData\Local\Temp will be emptied at reboot C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Thierry\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Thierry\AppData\Local\Pokki\Pokkies\installed_pokkies.db" not found "C:\Users\Thierry\AppData\Local\Pokki" not found ==== EOF on wo 11/06/2014 at 9:18:20,43 ======================