Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Jef on wo 07/05/2014 at 13:33:13,98.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jef\Downloads\zoek.exe [Scan all users] [Quick Scan] [Auto Clean]

==== Older Logs ======================

C:\zoek-results2013-10-22-230310.log 67004 bytes
C:\zoek-results2013-11-08-223522.log 42455 bytes

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\Apple deleted successfully
C:\PROGRA~3\Adobe deleted successfully
C:\PROGRA~3\Musicnotes deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\Users\Jef\AppData\Roaming\TP deleted successfully
C:\Users\Jef\AppData\Roaming\VOPackage deleted successfully
C:\Users\Jef\AppData\Roaming\WinRAR deleted successfully
C:\Users\Jef\AppData\Local\Adobe deleted successfully
C:\Users\Jef\AppData\Local\Lollipop deleted successfully
C:\Users\Jef\AppData\Local\PDFC deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3538665699-716225954-3718293510-1001\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully
HKEY_USERS\S-1-5-21-3538665699-716225954-3718293510-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C45EC9F0-8333-465D-9728-074BD41985C9} deleted successfully
HKEY_USERS\S-1-5-21-3538665699-716225954-3718293510-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C45EC9F0-8333-465D-9728-074BD41985C9} deleted successfully
HKEY_USERS\S-1-5-21-3538665699-716225954-3718293510-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{21347690-EC41-4F9A-8887-1F4AEE672439} deleted successfully
HKEY_USERS\S-1-5-21-3538665699-716225954-3718293510-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C547C6C2-561B-4169-A2A5-20BA771CA93B} deleted successfully
HKEY_USERS\S-1-5-21-3538665699-716225954-3718293510-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9} deleted successfully
HKEY_USERS\S-1-5-21-3538665699-716225954-3718293510-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully
HKEY_USERS\S-1-5-21-3538665699-716225954-3718293510-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{C45EC9F0-8333-465D-9728-074BD41985C9} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C45EC9F0-8333-465D-9728-074BD41985C9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C45EC9F0-8333-465D-9728-074BD41985C9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C45EC9F0-8333-465D-9728-074BD41985C9} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0696f815-a3a9-490a-bb14-9ec3350b1276} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{93a3111f-4f74-4ed8-895e-d9708497629e} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3538665699-716225954-3718293510-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{0696f815-a3a9-490a-bb14-9ec3350b1276} deleted successfully
HKEY_USERS\S-1-5-21-3538665699-716225954-3718293510-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{93a3111f-4f74-4ed8-895e-d9708497629e} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\4zffxtbr@VideoDownloadConverter_4z.com deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BackupStack deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BackupStack deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CltMngSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\CltMngSvc deleted successfully

==== Deleting Files \ Folders ======================

C:\PROGRA~2\BrowseMark deleted
C:\PROGRA~2\LinkSwift deleted
C:\PROGRA~2\Speed Test 127 deleted
C:\PROGRA~2\Video Downloader deleted
C:\PROGRA~2\AnyProtectEx deleted
C:\PROGRA~2\PC Performer deleted
C:\PROGRA~2\TelevisionFanatic deleted
C:\PROGRA~2\Optimizer Pro deleted
C:\PROGRA~2\MyPC Backup deleted
C:\Users\Jef\AppData\Roaming\PerformerSoft deleted
C:\Users\Jef\AppData\Local\iLivid deleted
C:\Users\Jef\AppData\Local\nsv7920.tmp deleted
C:\Users\Jef\AppData\Local\Smartbar deleted
C:\Windows\SysNative\roboot64.exe deleted
C:\Users\Jef\Downloads\VideoPerformerSetup.exe deleted
C:\Users\Jef\AppData\LocalLow\WhiteSmoke_US_New deleted
C:\Windows\Reimage.ini deleted
C:\Users\Jef\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers deleted
C:\Users\Jef\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Jef\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-05-07 11:30:28 5869FBC754578A59C8C8635B99DB79DE 17384448 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2014-05-07 11:30:28 2518D1922371892ADEF1F07147DBD72A 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 22:38:54 AA12D7A960DB78DD9690AB5B5DAE6586 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll
2014-05-06 22:38:53 CE6921D33682C6C3DB8A45853CC69402 455168 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2014-05-06 22:38:47 7E9FE7DB43BC204E44F159F843E35C15 367616 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll
2014-05-06 22:38:46 EDACA6C44D9CE200F899B7DB0F201DFF 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll
2014-05-06 22:38:46 EBC35FE64056910A84485BEEB6DCCAC6 524288 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2014-05-06 22:38:46 34FC79C948EE2C5FD0CD699E7D7F91B7 244224 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2014-05-06 22:38:46 31385A6CAA31BE9D07B0B32E5AA99ABB 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2014-05-06 22:38:45 C9CA9803299EB6AFA34CB520BAAB083D 32256 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-06 22:38:45 82287FCFFA4A2D60FD744E3FEB3192C5 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2014-05-06 22:38:45 21BF6759685FD193715B483F2B3F21B1 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2014-05-06 22:38:45 0FDC1A576A3F40420882C0F7C4A66EAD 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2014-05-06 22:38:43 BB185D4A9362AA17CBCEC0768CDBF249 704512 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2014-05-06 22:38:43 6557B48D53D653CFCCE3CB1CFA53A8E1 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-06 22:38:43 0F4A295516781897FFB09B4CCF2E8798 592896 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll
2014-05-06 22:38:40 E4E829EE073E046B0EB19B5FECB19B8C 1789440 ----a-w- C:\Windows\SysWOW64\wininet.dll
2014-05-06 22:38:40 76F58DB8F85C125E0D6B3AA42F3BF1D0 1143808 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2014-05-06 22:38:40 05BD47136DE62FAFE9F95B40E4100144 2178048 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2014-05-06 22:38:39 C4A383FD50FBD7E274DD41CF571DF898 1967104 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2014-05-06 22:38:38 2AFBB91BBD2378933B26E6D68C140D1B 11745792 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2014-05-06 22:38:36 8C46360D6EF9D4C563FE834C4F287DA3 4254720 ----a-w- C:\Windows\SysWOW64\jscript9.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-05-07 11:30:29 A98DA2EC1E56CF52C682D072F77D9874 23547904 ----a-w- C:\Windows\Sysnative\mshtml.dll
2014-05-07 11:30:28 DE5DE05946D6FC2DC494C55BC7BC4C6E 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2014-05-06 22:38:54 7446786E7092ABE122D372F95E6ED74B 574976 ----a-w- C:\Windows\Sysnative\ieui.dll
2014-05-06 22:38:53 FFF555C177D9F2B79B5C3146BED09FB1 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll
2014-05-06 22:38:49 D6067F7EE060C5D6D79008AD591B4E3B 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll
2014-05-06 22:38:49 3F498856C68725717195C16568FE19D0 586240 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
2014-05-06 22:38:48 964C89BC8A52A260D68C90FDDEB862E2 38400 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2014-05-06 22:38:48 72116CC377FF4281B0132C397026D911 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll
2014-05-06 22:38:47 E0D95345D1EBB54F28E958782B9C0CE0 453120 ----a-w- C:\Windows\Sysnative\dxtmsft.dll
2014-05-06 22:38:47 3F547245C78F4847B73EDDFD4A2F7E12 752640 ----a-w- C:\Windows\Sysnative\jscript9diag.dll
2014-05-06 22:38:46 E7161E2C66FF9B1E87C30FC9D2497ABB 195584 ----a-w- C:\Windows\Sysnative\msrating.dll
2014-05-06 22:38:46 CFBA793F678EB3855052ECF99357A9A1 296960 ----a-w- C:\Windows\Sysnative\dxtrans.dll
2014-05-06 22:38:46 CB57E934280D346AE0A9B053DAA284C5 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2014-05-06 22:38:46 75AD355828187145A60E3DC7BAF7B0F3 628736 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2014-05-06 22:38:45 A3F9A9E46BDDBB8B20B7CF3EEDB990F2 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll
2014-05-06 22:38:45 1BF215FF4DF6DE10D2F81A2CE85157D2 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
2014-05-06 22:38:43 EBAD8A4D048ED257E4A45F6356541F86 846336 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2014-05-06 22:38:43 915D8A9E112C97C90C654F792B6B28B9 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll
2014-05-06 22:38:42 A3A132CBE48AF0324466469F2CAAE8A2 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe
2014-05-06 22:38:42 710FD0E362A1A5C087DB90C1BAC46411 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2014-05-06 22:38:40 F220BA78AB542C70211D73AE4729B2CD 2260480 ----a-w- C:\Windows\Sysnative\wininet.dll
2014-05-06 22:38:40 1F8534A19A66275C863DE17645CB2A13 2767360 ----a-w- C:\Windows\Sysnative\iertutil.dll
2014-05-06 22:38:39 A14BB2F5F6457738AAA11367F5172A05 13551104 ----a-w- C:\Windows\Sysnative\ieframe.dll
2014-05-06 22:38:39 32417AE8280276968E5C551ED85D3525 1400832 ----a-w- C:\Windows\Sysnative\urlmon.dll
2014-05-06 22:38:39 1654093C8BD3342997D27B71684ACCE8 2043904 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2014-05-06 22:38:37 BF25489459C7A762DD7B3186C7E3984D 5784064 ----a-w- C:\Windows\Sysnative\jscript9.dll
2014-04-27 19:23:14 84ED099009EF0DF82A37D4FEAE012655 465408 ----a-w- C:\Windows\Sysnative\aepdu.dll
2014-04-27 19:23:14 5513F4766C9987D6B0D49D51BB2E5EE4 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll
====== C:\Windows\Sysnative\drivers =====
2014-04-09 21:23:40 B3222734D80013D2C73841B0C549FA63 27584 ----a-w- C:\Windows\Sysnative\drivers\Diskdump.sys
2014-04-09 21:23:40 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\Sysnative\drivers\storport.sys
2014-04-09 21:23:40 96BB922A0981BC7432C8CF52B5410FE6 274880 ----a-w- C:\Windows\Sysnative\drivers\msiscsi.sys
2014-04-09 21:23:38 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-05-06 17:10:05 -------- d-----w- C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2014-04-21 13:33:59 -------- d-----w- C:\PROGRA~2\BlockAndSurf Corp
2014-04-21 12:40:12 -------- d-----w- C:\PROGRA~2\Free Games 111
======= C: =====
2014-04-21 13:22:35 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\LILA775.tmp
2014-04-21 13:22:35 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\LILA765.tmp
2014-04-21 13:22:35 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\LILA746.tmp
2014-04-21 13:22:35 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\LILA737.tmp
====== C:\Users\Jef\AppData\Roaming ======
2014-04-21 13:25:15 C8BE23A20F7B52BBA48A707E8ACBF815 2866 ----a-w- C:\Users\Jef\AppData\Roaming\aps.scan.results
2014-04-21 13:25:15 BB7FB5B92626954F7174A531327DD0DD 320 ----a-w- C:\Users\Jef\AppData\Roaming\aps.uninstall.scan.results
2014-04-21 13:25:15 A84CB88E4E1E818EB196842A4C5226BB 1210 ----a-w- C:\Users\Jef\AppData\Roaming\aps.scan.quick.results
2014-04-21 13:23:14 -------- d-----w- C:\Users\Jef\AppData\Local\LPT
====== C:\Users\Jef ======
2014-05-06 17:13:42 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Jef\Downloads\RSITx64 (3).exe
2014-05-06 17:10:50 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Jef\Downloads\RSITx64 (2).exe
2014-05-06 17:10:01 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Jef\Downloads\RSITx64 (1).exe
2014-05-06 16:58:46 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Jef\Downloads\RSITx64.exe
====== C: exe-files ==
2014-05-06 22:38:52 E0155A11B26C7D5347069AB7ACB62D02 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe
2014-05-06 22:38:52 BEA4E0C0BA936E8A3DB24D1A37BF70BE 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2014-05-06 22:38:51 F972DDD19A10F53D74021DDEAC07CCA6 470016 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2014-05-06 22:38:51 C5C7E33308BAE18BD9F59F9A93E85D33 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2014-05-06 22:38:39 EA8386CA87165460D39A1D29FF11080B 809680 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2014-05-06 22:38:39 0667ED9F8E905E1F73DB60ACCEDCBCA7 811728 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
2014-05-06 17:13:42 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Documents and Settings\Jef\Downloads\RSITx64 (3).exe
2014-05-06 17:10:50 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Documents and Settings\Jef\Downloads\RSITx64 (2).exe
2014-05-06 17:10:06 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Jef.exe
2014-05-06 17:10:01 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Documents and Settings\Jef\Downloads\RSITx64 (1).exe
2014-05-06 16:58:46 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Documents and Settings\Jef\Downloads\RSITx64.exe
=== C: other files ==
2014-05-06 20:49:56 86A702C44DA3587D0A034A1E2555C274 1645020 ----a-w- C:\Documents and Settings\Jef\Downloads\KV2-deel 1 (1).zip
2014-05-06 20:49:16 86A702C44DA3587D0A034A1E2555C274 1645020 ----a-w- C:\Documents and Settings\Jef\Downloads\KV2-deel 1.zip
2014-05-06 20:48:07 9B8429A844431124E80BBFCE3E9BBDE8 2974308 ----a-w- C:\Documents and Settings\Jef\Downloads\KV1-deel 1.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3538665699-716225954-3718293510-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"ffbfadbbdebdefsacfsfdsf"="C:\ProgramData\ffbfadbbdebdefsacfsfdsf.exe"
"Spotify Web Helper"="C:\Users\Jef\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"HP Software Update"="c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe"
"PDF Complete"="C:\Program Files (x86)\PDF Complete\pdfsty.exe"
"TelevisionFanatic Search Scope Monitor"="C:\PROGRA~2\TELEVI~2\bar\1.bin\64srchmn.exe /m=2 /w /h"
"TelevisionFanatic Browser Plugin Loader"="C:\PROGRA~2\TELEVI~2\bar\1.bin\64brmon.exe"
"ApnUpdater"="C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
"VideoDownloadConverter Search Scope Monitor"="C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zsrchmn.exe /m=2 /w /h"
"VideoDownloadConverter_4z Browser Plugin Loader"="C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbrmon.exe"
"IsaKbcCertUpdate"="C:\Program Files (x86)\Common Files\Isabel\isa_kbc_certupdate.exe"
"vProt"="C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"ffbfadbbdebdefsacfsfdsf"="C:\ProgramData\ffbfadbbdebdefsacfsfdsf.exe"
"Spotify Web Helper"="C:\Users\Jef\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe"
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update"

==== Startup Folders ======================

2013-10-06 11:10:14 1106 ----a-w- C:\Users\Jef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AX.lnk
2014-02-27 16:48:49 1974 ----a-w- C:\Users\Jef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Canon IJ Status Monitor Canon MG3200 series Printer.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [29/04/2014 18:06]
C:\Windows\tasks\AutoKMS.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [15/08/2012 01:40]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [15/08/2012 01:40]
C:\Windows\tasks\HPCeeScheduleForJEF-HP$.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [14/09/2010 07:15]
C:\Windows\tasks\HPCeeScheduleForJef.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AutoKMS" [C:\AutoKMS\AutoKMS.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HPCeeScheduleForJef" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\Windows\SysNative\tasks\HPCeeScheduleForJEF-HP$" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\Windows\SysNative\tasks\ServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{3490FE78-24AF-4068-8AD7-9636467DEAD0}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\{3A08F9D0-0CB6-4720-BAF7-023A3504BEE6}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/5.3.0.111.396/nl/abandoninstall?page=tsOptions&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled]
"C:\Windows\SysNative\tasks\{F875F7A2-2141-4FDF-BCED-E365856FD89A}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/5.3.0.111.396/nl/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"64ffxtbr@TelevisionFanatic.com"="C:\Program Files (x86)\TelevisionFanatic\bar\1.bin" []

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"freegames4357@BestOffers"="C:\Users\Jef\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers" []

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
jpgfhihjicjofdejkbjgnjlaglaciobe - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx[03/06/2011 13:55]

Google Docs - Jef\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Jef\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Jef\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Jef\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Website Logon - Jef\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpgfhihjicjofdejkbjgnjlaglaciobe
Google Wallet - Jef\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Jef\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Docs - Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Website Logon - Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jpgfhihjicjofdejkbjgnjlaglaciobe
Google Wallet - Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Movies Toolbar - Jef\AppData\Local\Torch\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob
Ask Toolbar - Jef\AppData\Local\Torch\User Data\Default\Extensions\aaaalejpmnocmhmlbmlkjemekckoagne
Google Drive - Jef\AppData\Local\Torch\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Jef\AppData\Local\Torch\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
DropToS - Jef\AppData\Local\Torch\User Data\Default\Extensions\cipmepknanmbbaneimacddfemfbfgpgo
Google Search - Jef\AppData\Local\Torch\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Torch Shopping - Jef\AppData\Local\Torch\User Data\Default\Extensions\dmgjnkhnkblpmfjpdakehnaikgdjllic
Torch Games - Jef\AppData\Local\Torch\User Data\Default\Extensions\elnodfjhjgpnmdhklbfeijeaehcgffnp
Torch Music - Jef\AppData\Local\Torch\User Data\Default\Extensions\gcjbdjlojcomlphfchhihkigepfabcad
FaceLift - Jef\AppData\Local\Torch\User Data\Default\Extensions\gimjmfipknpppbpmkdenjjpfhobiiojk
Website Logon - Jef\AppData\Local\Torch\User Data\Default\Extensions\jpgfhihjicjofdejkbjgnjlaglaciobe
Torch Helper - Jef\AppData\Local\Torch\User Data\Default\Extensions\lecpjhggilhbceadobnggaagnpfpafhg
Torch Torrent - Jef\AppData\Local\Torch\User Data\Default\Extensions\mpdmibcjecdaibcnlilhiopefjgegjjc
Google Wallet - Jef\AppData\Local\Torch\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Torch Music - Jef\AppData\Local\Torch\User Data\Default\Extensions\ohimbkoaphfnmekmfppijeblmkncneed
Hola for Torch - Jef\AppData\Local\Torch\User Data\Default\Extensions\pdehmppfilefbolgganhfihpbmjlgebh
Gmail - Jef\AppData\Local\Torch\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Jef\AppData\Local\Torch\User Data\Default\Extensions\dmgjnkhnkblpmfjpdakehnaikgdjllic deleted successfully
C:\Users\Jef\AppData\Local\Torch\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob deleted successfully
C:\Users\Jef\AppData\Local\Torch\User Data\Default\Extensions\aaaalejpmnocmhmlbmlkjemekckoagne deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.trovigo.com/?gd=&ctid=CT3324417&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=55&CUI=&UM=2&UP=SP90747ECE-EC75-4A94-9BC8-AEAFB85F4CBA&SSPV="

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.trovigo.com/?gd=&ctid=CT3324417&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=55&CUI=&UM=2&UP=SP90747ECE-EC75-4A94-9BC8-AEAFB85F4CBA&SSPV="

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3538665699-716225954-3718293510-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c98d5b61-b0ea-4d48-9839-1079d352d880} deleted successfully
HKEY_USERS\S-1-5-21-3538665699-716225954-3718293510-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{c98d5b61-b0ea-4d48-9839-1079d352d880} deleted successfully
HKEY_USERS\S-1-5-21-3538665699-716225954-3718293510-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7} deleted successfully
HKEY_USERS\S-1-5-21-3538665699-716225954-3718293510-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7} deleted successfully
HKEY_USERS\S-1-5-21-3538665699-716225954-3718293510-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5d79f641-c168-40df-a32f-bacea7509e75} deleted successfully
HKEY_USERS\S-1-5-21-3538665699-716225954-3718293510-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5d79f641-c168-40df-a32f-bacea7509e75} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{c98d5b61-b0ea-4d48-9839-1079d352d880} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{5d79f641-c168-40df-a32f-bacea7509e75} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5d79f641-c168-40df-a32f-bacea7509e75} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3538665699-716225954-3718293510-1001\Software\Mozilla\Firefox\Extensions\speedtest4354@BestOffers deleted successfully
HKEY_USERS\S-1-5-21-3538665699-716225954-3718293510-1001\Software\Mozilla\Firefox\Extensions\freegames4357@BestOffers deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{c98d5b61-b0ea-4d48-9839-1079d352d880} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\64ffxtbr@TelevisionFanatic.com deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Performer_is1 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilividtoolbarguid deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Jef\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Jef\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
C:\Users\Jef\AppData\Local\Torch\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2807 folders=674 147632272 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Jef\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Jef\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on wo 07/05/2014 at 13:48:27,02 ======================