Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by user on za 03/05/2014 at 21:48:29,74.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\user\Downloads\zoek.exe
[Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

3/05/2014 21:52:06 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\GUM905D.tmp deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\Program Files\log deleted successfully
C:\Program Files\Paint.NET deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\WinZipEC deleted successfully
C:\Users\user\AppData\Roaming\Systweak deleted successfully
C:\Users\user\AppData\Roaming\TP deleted successfully
C:\Users\Gast\AppData\Local\VirtualStore deleted successfully
C:\Users\user\AppData\Local\MigWiz deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-151403999-931789392-3130884974-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_USERS\S-1-5-21-151403999-931789392-3130884974-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_USERS\S-1-5-21-151403999-931789392-3130884974-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-151403999-931789392-3130884974-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-151403999-931789392-3130884974-1001\Software\Microsoft\Internet Explorer\SearchScopes\{168085A2-8253-48BB-8CEE-30FD70A3086E} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update melondrea deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update melondrea deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update melondrea deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update melondrea deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util melondrea deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util melondrea deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util melondrea deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util melondrea deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.1.0 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater18.1.0 deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ib6buyei.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_20140305_2203_.backup

ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\r8ffzqmc.default
user.js not found
---- Lines ask.com removed from prefs.js ----
user_pref("browser.search.defaultengine", "Ask.com");
user_pref("browser.search.defaultenginename", "Ask.com");
user_pref("browser.search.order.1", "Ask.com");
user_pref("browser.search.selectedEngine", "Ask.com");
---- Lines asktb removed from prefs.js ----
user_pref("extensions.asktb.ff-original-keyword-url", "");
---- FireFox user.js and prefs.js backups ----
prefs_20140305_2203_.backup

ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\toolbar@ask.com
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_20140305_2203_.backup

ProfilePath: C:\Users\user\AppData\Roaming\TomTom\HOME\Profiles\grvcv831.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_20140305_2203_.backup

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""=-

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Ask.com deleted
C:\Users\user\AppData\Roaming\ParetoLogic deleted
C:\Users\user\AppData\Roaming\DriverCure deleted
C:\PROGRA~3\Ask deleted
C:\PROGRA~3\ParetoLogic deleted
C:\PROGRA~3\AVG Secure Search deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Gast\AppData\Local\AVG Secure Search deleted
C:\Users\user\AppData\Local\APN deleted
C:\Users\user\AppData\Local\AVG Secure Search deleted
C:\windows\sysWoW64\config\systemprofile\AppData\Local\AVG Secure Search deleted
C:\windows\SysNative\roboot64.exe deleted
C:\Users\user\Downloads\sysrc_trial_25044.exe deleted
C:\Users\user\Downloads\SoftonicDownloader_voor_licensecrawler.exe deleted
C:\Users\Gast\AppData\LocalLow\AVG Secure Search deleted
C:\Users\Gast\AppData\LocalLow\AskToolbar deleted
C:\Users\user\AppData\LocalLow\AVG Secure Search deleted
C:\Users\user\AppData\LocalLow\AskToolbar deleted
C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\windows\SysNative\TASKS\Scheduled Update for Ask Toolbar deleted
C:\windows\Syswow64\sho2F8B.tmp deleted
C:\windows\Syswow64\sho4DFE.tmp deleted
C:\windows\Syswow64\sho56C7.tmp deleted
C:\windows\Syswow64\sho8039.tmp deleted
C:\windows\Syswow64\sho847C.tmp deleted
C:\windows\Syswow64\sho8B3B.tmp deleted
C:\windows\Syswow64\shoD134.tmp deleted
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\toolbar@ask.com\searchplugins\askcom.xml deleted
C:\windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} deleted
C:\Users\user\Desktop\CyberLink_YouCam_Downloader.exe deleted
"C:\Program Files (x86)\melondrea\updatemelondrea.exe" deleted
"C:\PROGRA~2\AVG Secure Search\vprot.exe" deleted
"C:\PROGRA~2\AVG Secure Search\vprot.exe" deleted
"C:\PROGRA~2\melondrea\updatemelondrea.exe" deleted
"C:\Program Files (x86)\melondrea\bin\melondrea.BrowserAdapter.exe" deleted
"C:\Program Files (x86)\melondrea\bin\melondrea.PurBrowse64.exe" deleted
"C:\Program Files (x86)\melondrea\bin\utilmelondrea.exe" deleted
"C:\Program Files (x86)\melondrea\bin\{c047df5e-0fda-4055-b5db-a96a8a34a094}.dll" deleted
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\log4cplusU.dll" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller\18.1.0\SiteSafety.dll" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\18.1.0\log4cplusU.dll" deleted
"C:\PROGRA~2\melondrea\bin\melondrea.BrowserAdapter.exe" deleted
"C:\PROGRA~2\melondrea\bin\melondrea.PurBrowse64.exe" deleted
"C:\PROGRA~2\melondrea\bin\utilmelondrea.exe" deleted
"C:\PROGRA~2\melondrea\bin\{c047df5e-0fda-4055-b5db-a96a8a34a094}.dll" deleted
"C:\Program Files (x86)\melondrea" not deleted
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater" deleted
"C:\PROGRA~2\AVG Secure Search" deleted
"C:\PROGRA~2\AVG Secure Search" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search" deleted
"C:\PROGRA~2\melondrea" not deleted
"C:\Program Files (x86)\melondrea\bin" not deleted
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller\18.1.0" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\18.1.0" deleted
"C:\PROGRA~2\melondrea\bin" not deleted

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-151403999-931789392-3130884974-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Everyday Auto Backup"="C:\Program Files (x86)\Everyday Auto Backup\AutoBackup.exe /1"
"ISUSPM Startup"="C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Google Update"="C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
"Google Update"="C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Facebook Update"="C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"
"LaCie Desktop Manager Startup"="C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe"
"LaCie Backup"="C:\Program Files (x86)\LaCie\Backup Software\\LaCieBackup.exe /background"
"GBMLite8AgentLaCie"="C:\Program Files (x86)\LaCie\Genie Backup Assistant\GBMAgent.exe"

[HKEY_USERS\S-1-5-21-151403999-931789392-3130884974-1005\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-151403999-931789392-3130884974-1005\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"AVP"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe"
"vProt"="C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"PMBVolumeWatcher"="C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe"
"beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"NBAgent"="C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe /WinStart"
"MyGarminAgent"="C:\Program Files (x86)\Garmin\MyGarminAgent\MyGarminAgent.exe"
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"
"PMBVolumeWatcher"="C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe"
"ISUSScheduler"="C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe -start"
"GBMLite8AgentLaCie"="C:\Program Files (x86)\LaCie\Genie Backup Assistant\GBMAgent.exe"
"ApnUpdater"="C:\Program Files (x86)\Ask.com\Updater\Updater.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Everyday Auto Backup"="C:\Program Files (x86)\Everyday Auto Backup\AutoBackup.exe /1"
"ISUSPM Startup"="C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Google Update"="C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
"Google Update"="C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Facebook Update"="C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"
"LaCie Desktop Manager Startup"="C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe"
"LaCie Backup"="C:\Program Files (x86)\LaCie\Backup Software\\LaCieBackup.exe /background"
"GBMLite8AgentLaCie"="C:\Program Files (x86)\LaCie\Genie Backup Assistant\GBMAgent.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll C:\\Windows\\SysWOW64\\nvinit.dll,C:\\windows\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Persistence"="C:\windows\system32\igfxpers.exe"
"IgfxTray"="C:\windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\windows\system32\hkcmd.exe"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"LaCie Desktop Manager Launcher"="C:\Program Files\LaCie\Desktop Manager\lacie_launcherd.exe"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\System32\\nvinitx.dll C:\\Windows\\System32\\nvinitx.dll,C:\\windows\\system32\\nvinitx.dll"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeFlashPlayerUpdateSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Apple Mobile Device]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bonjour Service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\btwdins]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\GameConsoleService]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gusvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\iPod Service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\LMS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MBAMScheduler]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MBAMService]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NAUpdate]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NVSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\nvUpdatusService]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\PMBDeviceInfoProvider]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RichVideo]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Samsung UPD Service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Skype C2C Service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TurboBoost]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\UNS]

==== Startup Folders ======================

2013-02-24 16:14:45 1296 ----a-w- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk

==== Task Scheduler Jobs ======================

C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [02/05/2014 16:55]
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-151403999-931789392-3130884974-1001Core.job --a------ C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe [11/07/2012 22:52]
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-151403999-931789392-3130884974-1001UA.job --a------ C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe [11/07/2012 22:52]
C:\windows\tasks\GBM - Back-uptaak met eenvoudige indeling-Volledig.job --a------ C:\Program Files (x86)\LaCie\Genie Backup Assistant\GBM8.exe [14/10/2009 04:57]
C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [06/11/2011 17:32]
C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [06/11/2011 17:32]
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-151403999-931789392-3130884974-1001Core.job --a------ C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [21/07/2013 09:20]
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-151403999-931789392-3130884974-1001UA.job --a------ C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [21/07/2013 09:20]

==== Other Scheduled Tasks ======================

"C:\windows\SysNative\tasks\Adobe Flash Player Updater" [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\windows\SysNative\tasks\advSRS5" ["C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe"]
"C:\windows\SysNative\tasks\BatteryLifeExtender" [C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe]
"C:\windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files (x86)\CCleaner\CCleaner.exe"]
"C:\windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\windows\SysNative\tasks\EasyBatteryManager" ["%ProgramFiles(x86)%\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe"]
"C:\windows\SysNative\tasks\EasyDisplayMgr" ["C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe"]
"C:\windows\SysNative\tasks\EasyPartitionManager" [C:\Windows\MSetup\BA46-12225A02\EPM.exe]
"C:\windows\SysNative\tasks\EasySpeedUpManager" ["%programfiles(x86)%\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe"]
"C:\windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-151403999-931789392-3130884974-1001Core" [C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-151403999-931789392-3130884974-1001UA" [C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\windows\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe]
"C:\windows\SysNative\tasks\GBM - Back-uptaak met eenvoudige indeling-Volledig" [C:\Program Files (x86)\LaCie\Genie Backup Assistant\GBM8.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-151403999-931789392-3130884974-1001Core" [C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-151403999-931789392-3130884974-1001UA" [C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\HpWebReg.exe" [C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HpWebReg.exe]
"C:\windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe]
"C:\windows\SysNative\tasks\MovieColorEnhancer" ["C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe"]
"C:\windows\SysNative\tasks\SRS Premium Sound" [C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel_64.exe]
"C:\windows\SysNative\tasks\SUPBackground" ["%ProgramFiles(x86)%\Samsung\Samsung Update Plus\SUPBackground.exe"]
"C:\windows\SysNative\tasks\WifiManager" ["%programfiles(x86)%\Samsung\Easy Display Manager\WifiManager.exe"]
"C:\windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
"C:\windows\SysNative\tasks\Symantec\Norton Error Analyzer 18.7.2.3" [C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\18.7.2.3\SymErr.exe]
"C:\windows\SysNative\tasks\Symantec\Norton Error Processor 18.7.2.3" [C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\18.7.2.3\SymErr.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\user\AppData\Roaming\TomTom\HOME\Profiles\grvcv831.default
- Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
- Carminat TomTom - %ProfilePath%\extensions\RenaultTheme@tomtom.com

ExtDir: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles
- Ask Toolbar - %ExtDir%\toolbar@ask.com

ExtDir: C:\Users\user\AppData\Roaming\Mozilla\Extensions
- Ask Toolbar - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\toolbar@ask.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ib6buyei.default
FF0D6F82A0EC13952E83B9439100E45D - C:\Users\user\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
87A356753B2208461DA361B13E7E909C - C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

Profilepath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\r8ffzqmc.default
FF0D6F82A0EC13952E83B9439100E45D - C:\Users\user\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
87A356753B2208461DA361B13E7E909C - C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
15E298B5EC5B89C5994A59863969D9FF - C:\windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Deleted Firefox Extensions ======================

C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\toolbar@ask.com deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dchlnpcodkpfdpacogkljefecpegganj - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 
2013\ChromeExt\urladvisor.crx[28/01/2013 03:13] hghkgaeecgjhjkannahfamoehjmkjail - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\content_blocker_chrome.crx[28/01/2013 03:13] jagncdcchgajhfhijbbhecadmaiegcmh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\virtkbd.crx[28/06/2013 20:21] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[22/11/2012 11:30] ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx[] pjldcfjmnllhmgjclecdnfampinooman - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ChromeExt\ab.crx[] Google Docs - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Kaspersky URL Advisor - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj Content Blocker - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail Virtual Keyboard - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh Skype Click to Call - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl AVG Security Toolbar - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Google Wallet - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Docs - user\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Kaspersky URL Advisor - user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj Content Blocker - user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail Virtual Keyboard - user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh Skype Click to Call - user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl AVG Security Toolbar - user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Google Wallet - user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ndibdjnfmopecpmkdieinmbadjfpblof_0.localstorage deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://nl.msn.com/?pc=UP97&ocid=UP97DHP" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://nl.msn.com/?pc=UP97&ocid=UP97DHP" ==== All HKCU SearchScopes ====================== 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\virtualKeyboard@kaspersky.ru deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\avg@toolbar deleted successfully

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pjldcfjmnllhmgjclecdnfampinooman deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D} deleted successfully

==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WFSGPVO will be deleted at reboot
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7DTF8DXX will be deleted at reboot

==== Empty FireFox Cache ======================
No FireFox Cache found

==== Empty Chrome Cache ======================
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=915 folders=256 194890890 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Gast\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\UpdatusUser.LAPTOP\AppData\Local\temp emptied successfully
C:\Users\user\AppData\Local\Temp will be emptied at reboot
C:\windows\SysNative\config\systemprofile\AppData\Local\temp emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\user\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\Program Files (x86)\melondrea" not found
"C:\PROGRA~2\melondrea" not found
"C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WFSGPVO" not found
"C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7DTF8DXX" not found

==== EOF on za 03/05/2014 at 22:16:14,51 ======================